MAL_RANSOM_BlackBasta_Jun22_1

Rule Info

Name
MAL_RANSOM_BlackBasta_Jun22_1
Author
Florian Roth
Description
Detects Black Basta ransomware
Score
85
Reference
https://www.cybereason.com/blog/cybereason-vs.-black-basta-ransomware#iocs
Date
2022-06-29
Minimum Yara
1.7
Rule Hash
25054d4ae8978d1053a891c7ae08ddd2
Tags
['FILE', 'CRIME', 'RANSOM', 'EXE', 'MAL']
Required Modules
[]
Virustotal Matches
https://www.virustotal.com/gui/search/mal_ransom_blackbasta_jun22_1/comments

Antivirus Verdicts

Rating
Number of Samples
Malicious (>= 10 engines)
28
Suspicious (< 10 engines)
3
Clean (0 engines)
0

Rule Matches

Timestamp
Positives
Total
Hash
VT
2024-09-23 07:02:04
55
73
0db7a0327192710c403e021cbfc3902d75c729b3ba59d87159bf8f59a151a481
2024-06-12 14:02:50
51
74
ab913b3bb637447f33add3c7020d353389738e4d532b905caed04c7c7f399277
2024-01-14 04:05:33
39
67
69192821f8ce4561cf9c9cb494a133584179116cb2e7409bea3e18901a1ca944
2023-06-20 03:14:14
43
71
b2adddf15255d1ab9d147d4edde681987438265a0e7dcc049d109a6b66a2fc8b
2023-04-30 09:06:44
48
71
d1949c75e7cb8e57f52e714728817ce323f6980c8c09e161c9e54a1e72777c13
2023-01-03 05:58:05
48
66
50f45122fdd5f8ca05668a385a734a278aa126ded185c3377f6af388c41788cb
2022-11-08 20:10:53
19
66
aa7ef4bb8d0eab74af36162fe42056008d7e19e62ff1b50b870e72140a7b5bd2
2022-11-05 07:37:25
22
71
cb6e26c2ab8dc2148d4f3f3102d1c257b2f22aba749463c04b1a420742eb92bc
2022-10-15 09:21:36
43
72
d943a4aabd76582218fd1a9a0a77b2f6a6715b198f9994f0feae6f249b40fdf9
2022-10-13 18:01:56
18
72
03309c90e6c60a2e3cd44374efa3003ae10cd9e05ba6a39c77aa5289b32cb969
2022-10-11 09:11:03
2
63
d15cecd1d8bf85a059dd6def0070dbd651a1aa96e3826c42c011ad33f39ce61e
2022-10-09 09:16:24
1
64
cf1256ae391410f7ebc785d180eb03ff36135cf8f9051b6d8c803386abdafb78
2022-10-07 10:18:55
21
55
449d87ca461823bb85c18102605e23997012b522c4272465092e923802a745e9
2022-10-07 10:12:30
28
67
dc56a30c0082145ad5639de443732e55dd895a5f0254644d1b1ec1b9457f04ff
2022-10-06 23:45:45
32
72
699aaea1598a034cde7ed88cd8a8a36fd59447e09bddef566357061774c48a76
2022-10-06 23:41:26
28
71
9a55f55886285eef7ffabdd55c0232d1458175b1d868c03d3e304ce7d98980bc
2022-10-02 03:14:01
1
61
d68ec5291d00e29cb2db4bf0d2ce37f467752a944fcd3c986fd32bc8472d5844
2022-09-29 13:21:05
16
68
cb182efaeb498a0b63a89204766754ef6f98bf55c954fdd83bea89f262d97289
2022-09-27 18:39:49
32
71
48976d7bf38cca4e952507e9ab27e3874ca01092eed53d0fde89c5966e9533bb
2022-09-13 16:39:00
37
71
affcb453760dbc48b39f8d4defbcc4fc65d00df6fae395ee27f031c1833abada
2022-09-13 16:38:25
47
71
cce74c82a718be7484abf7c51011793f2717cfb2068c92aa35416a93cbd13cfa
2022-08-10 10:49:10
46
71
ab1a3f8a0510ffa3c043bc200fe357c9ce220ea916f50b8b5b454027ef935c54
2022-07-31 12:03:09
49
71
9fce9ee85516533bae34fc1184a7cf31fa9f2c7889b13774f83d1df561708833
2022-07-25 14:51:57
47
71
203d2807df6ef531efbec7bfd109986de3e23df64c01ea4e337cbe5ba675248b
2022-07-12 08:56:07
48
65
1d040540c3c2ed8f73e04c578e7fb96d0b47d858bbb67e9b39ec2f4674b04250
2022-07-12 02:33:56
55
68
17205c43189c22dfcb278f5cc45c2562f622b0b6280dcd43cc1d3c274095eb90
2022-07-11 18:48:00
58
69
ae7c868713e1d02b4db60128c651eb1e3f6a33c02544cc4cb57c3aa6c6581b6e
2022-07-11 10:23:40
57
69
7883f01096db9bcf090c2317749b6873036c27ba92451b212b8645770e1f0b8a
2022-07-09 08:40:17
56
69
5d2204f3a20e163120f52a2e3595db19890050b2faa96c6cba6b094b0a52b0aa
2022-07-07 11:06:55
44
62
a54fef5fe2af58f5bd75c3af44f1fba22b721f34406c5963b19c5376ab278cd1
2022-07-01 21:43:22
53
68
5b6c3d277711d9f847be59b16fd08390fc07d3b27c7c6804e2170f456e9f1173

Rule Matches per Month (last 24 months)

THOR Logo  Scan your endpoints, forensic images or collected files with our portable scanner THOR
  Warning: Access to VALHALLA is rate-limited - once you prove unworthy, access gets denied
  Nextron Systems 2022