Extracted

• • Target

    b.zip

  • Size

    446KB

  • MD5

    9cefa111452fd3674d0d7e3e24ea076b

  • SHA1

    c185f75dd1285e35ff59b2003ef855382d6a850f

  • SHA256

    1806b7cc24522509cab563bea8d1dc6c9c992c9d5c575836de3f363a7b10a8cc

  • SHA512

    b01413da6c974821b1365a264650f5daf6a6bddbf311df33c20b60fb654e6a33a070587edaa3e3f89d63ffaa14aa4ddb4b6c05ff8d2966df6561f7e4fef685ea

  • SSDEEP

    12288:soutuJQIn872o78fwwHqo5C8nDDCLu/ou7I0ngv0q:shsJQo87QfUo5CkDOLr8bBq

  Score

  10^/10

  blackbastaphishingransomware

  • Black Basta

    A ransomware family targeting Windows and Linux ESXi first seen in February 2022.

    ransomwareblackbasta

  • Blackbasta family

    blackbasta

  • Renames multiple (210) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware

  • A potential corporate email address has been identified in the URL: [email protected]

    phishing

  • Loads dropped DLL

  behavioral1