General
-
Target
11129aad3b5baa1d118ec0ee3922278c194e43f6e2f0fcef221c65e5f4490d3b.exe
-
Size
2.6MB
-
Sample
241028-cm9xsavqdy
-
MD5
523d6d251e5f8f9d7db1a3645967e72e
-
SHA1
aca4932ac18f5c0227ee85e01da35a0b66285424
-
SHA256
11129aad3b5baa1d118ec0ee3922278c194e43f6e2f0fcef221c65e5f4490d3b
-
SHA512
f4910a6c30e3f18564e77e47f5a2d0172775a880e39d93629de5c4094b22efc90c0d5c5518ed5952c7eeeb8861b55b2bdfac5a402fa11d1dac205d986046e05b
-
SSDEEP
49152:vFDi8DIuiRIGgmGjunBD95D8L5ZtGtXaP4La47RvmcfXGhCz7CNyHbn877QZI1w:vXxYSm9BfDCn4tqP4W2RvhfXGQzOQHbJ
Static task
static1
Behavioral task
behavioral1
Sample
11129aad3b5baa1d118ec0ee3922278c194e43f6e2f0fcef221c65e5f4490d3b.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
11129aad3b5baa1d118ec0ee3922278c194e43f6e2f0fcef221c65e5f4490d3b.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
C:\Program Files\instructions_read_me.txt
blackbasta
https://bastad5huzwkepdixedg2gekg7jk22ato24zyllp6lnjx7wdtyctgvyd.onion/
Targets
-
-
Target
11129aad3b5baa1d118ec0ee3922278c194e43f6e2f0fcef221c65e5f4490d3b.exe
-
Size
2.6MB
-
MD5
523d6d251e5f8f9d7db1a3645967e72e
-
SHA1
aca4932ac18f5c0227ee85e01da35a0b66285424
-
SHA256
11129aad3b5baa1d118ec0ee3922278c194e43f6e2f0fcef221c65e5f4490d3b
-
SHA512
f4910a6c30e3f18564e77e47f5a2d0172775a880e39d93629de5c4094b22efc90c0d5c5518ed5952c7eeeb8861b55b2bdfac5a402fa11d1dac205d986046e05b
-
SSDEEP
49152:vFDi8DIuiRIGgmGjunBD95D8L5ZtGtXaP4La47RvmcfXGhCz7CNyHbn877QZI1w:vXxYSm9BfDCn4tqP4W2RvhfXGQzOQHbJ
-
Black Basta
A ransomware family targeting Windows and Linux ESXi first seen in February 2022.
-
Blackbasta family
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-