General
-
Target
bebd409c8fae76c16040bcd69eed914520d3660ab2da057955e0fe6bef65bda1.bin.sample
-
Size
1023KB
-
Sample
241218-n7a5qsyqhl
-
MD5
d231f7e053b711e99a40c1070992064f
-
SHA1
2a59f88f51fbe966382e2b82b22bdd6981240cb7
-
SHA256
bebd409c8fae76c16040bcd69eed914520d3660ab2da057955e0fe6bef65bda1
-
SHA512
d4778c696c87ad918e798413bf4ab535cbed6ffaf411635b3ee86b8be48e3fc1c35ae78f1514ce015ea56527cccd679a1cdaa2498514891f16b045e022fb3c7d
-
SSDEEP
12288:XlouFyOk1C+SWYgeWYg955/155/sxw5USG2eaumYIhg8/X1lBYK4o1TpzkBmbzyu:XlouFyOkY+lYKDyKIRQboJXhKTnVrf
Static task
static1
Behavioral task
behavioral1
Sample
bebd409c8fae76c16040bcd69eed914520d3660ab2da057955e0fe6bef65bda1.bin.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
bebd409c8fae76c16040bcd69eed914520d3660ab2da057955e0fe6bef65bda1.bin.dll
Resource
win10v2004-20241007-en
Malware Config
Extracted
C:\Program Files\instructions_read_me.txt
blackbasta
https://bastad5huzwkepdixedg2gekg7jk22ato24zyllp6lnjx7wdtyctgvyd.onion/
Targets
-
Target
bebd409c8fae76c16040bcd69eed914520d3660ab2da057955e0fe6bef65bda1.bin.sample
-
Score
10/10
-
Black Basta
A ransomware family targeting Windows and Linux ESXi first seen in February 2022.
-
Blackbasta family
-
Renames multiple (9721) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-
Drops desktop.ini file(s)
-