General
-
Target
5d2204f3a20e163120f52a2e3595db19890050b2faa96c6cba6b094b0a52b0aa.7z
-
Size
206KB
-
Sample
241111-vschksscnm
-
MD5
8e8e334ecaa9132f6e235c1e50d11e2b
-
SHA1
882d79d8d3f8461b45749a5ddec02d74af04e5ff
-
SHA256
96fdea105cf5bcf54071a6f6ff4395cc38f7dd923faf9736df4252b39926c8dd
-
SHA512
5a76c386d31c7c2fee5a86c2a75c1ed899e577635e19b0820814f15545997964a13d2e0a9d3888ebaa88a54419a8c88495e970b20fc53d0dcc48dacd1a7027fa
-
SSDEEP
6144:PNv7s6xrtx7M5ugBu7APAEMXRxO+4jKza:Z7s6F7AHBu0PAEMXRx50Kza
Malware Config
Targets
-
-
Target
5d2204f3a20e163120f52a2e3595db19890050b2faa96c6cba6b094b0a52b0aa.7z
-
Size
206KB
-
MD5
8e8e334ecaa9132f6e235c1e50d11e2b
-
SHA1
882d79d8d3f8461b45749a5ddec02d74af04e5ff
-
SHA256
96fdea105cf5bcf54071a6f6ff4395cc38f7dd923faf9736df4252b39926c8dd
-
SHA512
5a76c386d31c7c2fee5a86c2a75c1ed899e577635e19b0820814f15545997964a13d2e0a9d3888ebaa88a54419a8c88495e970b20fc53d0dcc48dacd1a7027fa
-
SSDEEP
6144:PNv7s6xrtx7M5ugBu7APAEMXRxO+4jKza:Z7s6F7AHBu0PAEMXRx50Kza
Score10/10-
Black Basta
A ransomware family targeting Windows and Linux ESXi first seen in February 2022.
-
Black Basta payload
-
Blackbasta family
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Modifies boot configuration data using bcdedit
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Sets desktop wallpaper using registry
-