Extracted

• • Target

    file

  • Size

    681KB

  • MD5

    a41afe748aed818ab6ac94e81bdde610

  • SHA1

    9468012acf6df7a0e593f41e0da8123f541277df

  • SHA256

    4b83aaecddfcb8cf5caeff3cb30fee955ecfc3eea97d19dccf86f24c77c41fc4

  • SHA512

    43394cb5e461fb43d324e5b5c212d3c9832fd659e81cd6e250beff7b738d00eaedc2ab0d37f8f3a2cf513997dfc838c31380c64d5e911c65329caf65fb570975

  • SSDEEP

    12288:FMJYSP5VV3VG7rYyPT+p/VYXMJ8oD536bGIqs7GBvw0QygfmHp:FMVj3IXYETQV1XD5VIZ7GOg1J

  Score

  10^/10

  defense_evasiondiscoveryexecutionimpactransomwareblackbasta

  • Black Basta

    A ransomware family targeting Windows and Linux ESXi first seen in February 2022.

    ransomwareblackbasta

  • Blackbasta family

    blackbasta

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomwaredefense_evasionimpactexecution

  • Renames multiple (747) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  behavioral1behavioral2