blackbasta | 64b434ba8ece57e943593ae0972c77e311ea9e80a4975e52814797aa99d4c5f7 | Triage

Sharing

General

Target

3d8713641264c41cd6784c5569c1447299fba88633070e40e70bb3ae2b4c5a4e.zip
Size

606KB
Sample

240823-yj82zavfrm
MD5

b38b0f0c259bc32ea8f47ac0f61fdca2
SHA1

3150ac258219a1b3853b49a50761216c7951d491
SHA256

64b434ba8ece57e943593ae0972c77e311ea9e80a4975e52814797aa99d4c5f7
SHA512

61658f967ef144d43c765ba3ff1272116776d1f8b894ad0f4003f8ab639060788a89aff9608ab331c76f3f78aacf9b22c4247dc18af4491450292a63e5c7cf18
SSDEEP

12288:U6CuooCCJzsGMIcDLIFwzVj67uv0SMm01FCfe2hd77J5DyPc:eoZzsFIcDXj67p7m0LzMkc

Score

10^/10

blackbasta defense_evasion discovery execution impact ransomware

Malware Config

Targets

- Target
  
  3d8713641264c41cd6784c5569c1447299fba88633070e40e70bb3ae2b4c5a4e.exe
- Size
  
  928KB
- MD5
  
  2dc4adf06247b4ed9031a53ef910626c
- SHA1
  
  789437e946b3e8d1ccd14ee70e42c7d89ba054b2
- SHA256
  
  3d8713641264c41cd6784c5569c1447299fba88633070e40e70bb3ae2b4c5a4e
- SHA512
  
  9e6eaa4b27e2d6bc1306c33e74465256fab086972680d3a0014cafca8f22bbf865ffaa0f81332ffef83287252faf2ca0c7f369d11412b19ffb57e8e72ea5e0ae
- SSDEEP
  
  24576:oUY29aeV/XqzB+qv6w8zJx/W2nz9dPOmX:oUYMPqzFvT8/W2nznP
Score

10^/10

blackbasta defense_evasion discovery execution impact ransomware
- Black Basta
  A ransomware family targeting Windows and Linux ESXi first seen in February 2022.
  ransomware blackbasta
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware defense_evasion impact execution
- Sets desktop wallpaper using registry
  ransomware
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Windows Management Instrumentation

Persistence

Privilege Escalation

Defense Evasion

Direct Volume Access

Indicator Removal

File Deletion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Inhibit System Recovery

Tasks

static1

behavioral1

blackbastadefense_evasiondiscoveryexecutionimpactransomware