MAL_RANSOM_BlackBasta_Jun22_1

Rule Info

Name
MAL_RANSOM_BlackBasta_Jun22_1
Author
Florian Roth
Description
Detects Black Basta ransomware
Score
85
Reference
https://www.cybereason.com/blog/cybereason-vs.-black-basta-ransomware#iocs
Date
2022-06-29
Minimum Yara
3.5.0
Rule Hash
25054d4ae8978d1053a891c7ae08ddd2
Tags
['RANSOM', 'blackbasta', 'EXE', 'MAL', 'CRIME', 'FILE']
Required Modules
[]
Virustotal Matches
https://www.virustotal.com/gui/search/mal_ransom_blackbasta_jun22_1/comments

Antivirus Verdicts

Rating
Number of Samples
Malicious (>= 10 engines)
98
Suspicious (< 10 engines)
3
Clean (0 engines)
0

Rule Matches

Timestamp
Positives
Total
Hash
VT
2026-03-09 06:36:06
38
72
e7d991be2ebddb5021ea4c84f78ceb2b4c2f1e3974e275308cde94ee2692a2b7
2026-03-09 06:35:54
51
73
7ae034b0fefff3a900367d0546a84e4f50ad98e72ab6f535b47f422d0c2050c1
2026-03-09 06:34:44
56
73
39bd8c097dff12a915e044656e7e96d6ffb6a51afe4c5c88a1601c74292bbc11
2026-03-09 06:27:35
48
72
252148c1d926874b5e954ccc39d5a53d76ba88c1d5f76eca1e2d9aa1c4acd43e
2026-03-09 06:24:13
52
71
806b2112ab8c68c67bdde22c367743abadeb0bc9fa42a63756d70123b496a9ca
2026-03-09 06:20:14
52
72
d7e4665a54a6871dbf67b340cf6e2e0c80226e5d60baacc94e07e20fcbec1af2
2026-03-09 06:15:16
34
72
b1e6d875f1af1d4147d691f235ac97bb206b9e86185ad657a8db8aed83cf7382
2026-03-09 06:13:55
50
73
ba71c3ff32d3d4d2d93c1ba092b0e74f1f7709c66bdf4698f4537ab994688c86
2026-03-09 06:11:54
49
70
14c11ea81ff67cbd06ec6931dad44390df8a7fc540cdaeb769e713cc96cada1b
2026-03-09 06:07:26
39
73
0c76f9321eb6a8ad8486df322bf34415fb0d697f3a0d9987f60091874bff8b8c
2026-03-09 06:06:39
53
73
65d49d188c99d1192918e8e473c83966475a04c6641082b96d5e2854ef821306
2026-03-09 06:04:44
52
72
e31a759ad2861d0d7320c1ca1ba0eba2693e894e6ead6dd59eb21fc310f17078
2026-03-09 06:04:04
56
73
d7139e5f00c405c8938f2ac91f19b2a361f12ddab835fad615ab0a15daa1ff91
2026-03-09 06:01:44
50
72
c50229699dfdb53225211e2e2aa0fc893973e0458adf2929e8e7ae5c9bd11f51
2026-03-09 06:00:24
58
73
f05c0d25eb13ba39d8a812cb30dc9f9701a89cf59f8d26b876d2292e51cdd9a9
2026-03-09 05:57:56
57
73
dd3360ee5bea8a475cdad880eb9f622179ed138662f3e625e84d3e69eaf5d344
2026-03-09 05:57:04
51
73
ccfafbb3e2dfbfc20170022ec183b895ba441f2c037861773df49b69204483a4
2026-03-09 05:54:53
56
73
c0973cdd6bb28616cc273f86c7a68300e366813e74f950a7d03d3d0b7ac2c5e0
2026-03-09 05:53:13
49
71
167c10a796f2c878b0b45b89ed81444e4b42412e1b10758c6569b75e3a01388a
2026-03-09 05:49:53
49
73
c85a22e86c0e7b60e53317f6307f9a0411b23f73f2e1cc9ef11eb4019c0a251e
2026-03-09 05:43:23
54
73
2f02a33583811392955a5344cde750cfd2bcb7de70fbc75e09e3315507f7e82b
2026-03-09 05:40:35
52
72
3bc4c2382ab9cfb129b3f147413e1c0f9d77d5b9b5a51f5fd4559e884e725ff9
2026-03-09 05:15:42
49
71
f3c820a034872b8cfea214eaa646cd373dd8af130469394da8cc22d5801e75c1
2026-03-09 05:05:05
35
73
66948593b68bddaba9e670c01d46b2055da3102c9fa11028c78c7b7c664c9de7
2026-03-09 05:04:14
51
73
ac38b5f6061968a632220e60e731f209206c59a61fcd03dddb01e05666c6adb6
2026-03-09 04:59:24
39
73
bcce6aa3491cc9faf022155d67c35de65be7adfca49a0e1ef4b48f7fd8084c3b
2026-03-09 04:57:35
52
72
101eabd591a7c695d1292a96b4cbefd0a63b2d0cf68ff220677b2f2436f59c2f
2026-03-09 04:57:14
51
73
c572e4b8791218d4aea87d9338c935674dec1dde49611f3b792325f4c9a23c89
2026-03-09 04:55:25
53
73
3262bcd11e1b3e6be6628d3bac0b94761724396948b3fce286acd49e311b96f0
2026-03-09 04:54:24
57
73
9e0eff0c0b484a12c3af35983da9649df8553ee79a5ad8229c8dcc1809f7e395
2026-03-09 04:53:43
56
73
a2c0ac351fe44c656bb05eb18406819c4485d614ebd8e11001d020d6fb7e2565
2026-03-09 04:51:45
58
73
b6f66e2a6338a486c7cbc49fb8fa9d180314e5939a94233dbcb05a8d1207562f
2026-03-09 04:50:26
51
73
5b48e4995ea71aab96b437b5718e025ffe3d2f0672a86ebd86ca7f428c8b4cec
2026-03-09 01:22:26
39
73
23988633254726999b02cac4253eb85d853e2caa8f486914f5f431780a8d63b9
2026-03-09 01:19:57
56
73
9502bfabd7aa8a79895c771a9c8da7753f1598b810ab96adc2a872a49210e624
2026-03-09 01:17:34
50
72
acb5d4e3c0ab34f1a762d310dba15dc5e6dbaba09f7f02cba3bc1fbcbfea1822
2026-03-09 01:16:24
49
73
ca243ff9ee2091d668b86dd084b7517ba30b0a840cd31394834f92af727f600f
2026-03-09 01:08:20
54
73
4e0eb79b2881cd3957f86cad098dfb0e8799d7b308e8e7a8ae780ab665143abe
2026-03-09 01:07:30
53
73
069c3c6c6877bb7efb82218219395de94f8a17a8b8f2530326685232348d61fe
2026-03-09 00:56:24
50
72
9e608f7492c7bdd0fa2f52e616bc4bf3f34d1dedb03b952da6d19df3335b258b
2026-03-09 00:55:34
35
73
0504ef1e799a071e33b5b3eb79d98242eb65e8e67d31d4080ef5f78da67c7d19
2026-03-09 00:52:14
50
72
190626901daf15a16f17438bc8f12c36cb4de2a3aa6dddae6b6a55fffb513ebc
2026-03-09 00:48:34
38
72
0f1f6bde8c6aeadf74b1b8d3bb966deb99392886fcca9f7f660a1ddc7feae563
2026-03-09 00:46:44
52
72
c086e9c92b20ff0c8ce3004b7b1e7406bd9658036b14f72abdb931c12ff37933
2026-03-09 00:46:24
53
73
a5cb2949c1a5277c7dd61783b91c9f2fff73903ae06116f616224bf129db27df
2026-03-09 00:45:43
51
73
57a94f031315d79e7dcca00e56bc9bc29f5acdedbaf918828d7307d4e5114bf4
2026-03-09 00:44:34
56
73
3cc30d3bf497857c974650330b0f03bfb6e7eaa97ffdf9903a2cb3d6e7acfd54
2026-03-09 00:43:36
56
72
6a72e84ae3e4fabfbbf886a6b97f39ac0e4b044d5e0d7188d6b28702ba6dc743
2026-03-09 00:42:04
58
73
e4eeb69561dae6d9dad6536279e8bf8ababbe2cfccff8733ca73c5a7bbeeab6d
2026-03-09 00:41:04
51
73
ec61c8a1af342cc1d2ce58c35a5cefa8b7f649c4f795622aed3d7db33cf66486
2026-03-09 00:41:03
39
73
1cf610e76c38bb37a01bce554a87262ca2dc4e2f9742b273d19dcc4971541b01
2026-03-09 00:39:14
56
73
589c680633143e149e53df914cd72075cbe98cd53ac35ac3311a5710aaee9d93
2026-03-09 00:38:14
24
73
bd33e9df23bfdc3e8d24c9b7219c4846a67ce50265bd643022be143627dbf710
2026-03-09 00:37:25
50
72
43c918b78f37af2694a45c026bc0d647bd7f465c98c8d4859169dc0ba51c0f14
2026-03-09 00:37:03
50
73
cdd780e1a916f2baac1a520ee7f373f7d5f198d3c12bfd74c127d96bdb340640
2026-03-09 00:27:04
53
72
6df8bdf4b5d125c07d563dcdd4d1b5d18383931b8d9556ede39a36d63ecf7d2e
2026-03-09 00:23:15
52
72
d65f57c7abb66585c614abffd6cf7d8d23c3c0fd252b7c895163468faa2e397e
2026-03-09 00:12:35
49
72
611ea5ce4e9adc80edbc5e27703a4246d403ec980953fb80454db5ab49c117ac
2026-03-09 00:08:34
50
72
b50339f68d40d9c3f4a7d9c2131c2ff1db275edbd72156fa7f04b505766068c9
2026-03-09 00:05:24
34
72
62a5d0415087030ea05efb670ffb5343b6f7594006ab35a7870b1cabf64e4fae
2026-03-09 00:03:24
53
73
52ae853fdf9d04d7c2a52ad68f8387476f6336cb2ca417886e19c588084cb0a3
2026-03-09 00:00:45
36
70
ab96f0557b6ea9110fe22b9e9f380e7e58906e52cf148e2c5094c17766ef6740
2026-03-08 23:58:34
51
73
7cdcef41109f56428e417d24dfb7216decb9638c75e91dbb2472dc8366c4753c
2026-03-08 23:55:24
50
70
3ffcedd9c42011f5f9762f3bd03721a38a4ec78b3dc17f9805c136b80a631a6f
2026-03-08 23:54:14
55
72
a31908a58b2145720158f9f2da427243f8480ea9205790ed66c1a156e909874b
2026-03-08 23:52:04
55
72
1ccfd7a0f7ea475499766d50b0c197a414f2d20cbee9b0f553cd5e40d6fde219
2026-03-08 23:51:04
58
73
9c898897201425ac090fedd68703ade7469e4cc30b6b6ac43438a3775fc75bd7
2026-03-08 23:50:43
51
73
c42fdae8e5ccdd44aa8e20959d484f20730144087976316d2e2e309516b255e4
2026-01-12 18:51:52
39
72
b88386c1812a0e9aa9b172f9e0b69a5af70f27e78f94efa0ada777ffc337e54b
2025-11-20 19:15:47
39
72
5becb79aae0efba26e1cad870260f281ce720066830e3a0f4e5f00e7f022c8eb
2024-09-23 07:02:04
55
73
0db7a0327192710c403e021cbfc3902d75c729b3ba59d87159bf8f59a151a481
2024-06-12 14:02:50
51
74
ab913b3bb637447f33add3c7020d353389738e4d532b905caed04c7c7f399277
2024-01-14 04:05:33
39
67
69192821f8ce4561cf9c9cb494a133584179116cb2e7409bea3e18901a1ca944
2023-06-20 03:14:14
43
71
b2adddf15255d1ab9d147d4edde681987438265a0e7dcc049d109a6b66a2fc8b
2023-04-30 09:06:44
48
71
d1949c75e7cb8e57f52e714728817ce323f6980c8c09e161c9e54a1e72777c13
2023-01-03 05:58:05
48
66
50f45122fdd5f8ca05668a385a734a278aa126ded185c3377f6af388c41788cb
2022-11-08 20:10:53
19
66
aa7ef4bb8d0eab74af36162fe42056008d7e19e62ff1b50b870e72140a7b5bd2
2022-11-05 07:37:25
22
71
cb6e26c2ab8dc2148d4f3f3102d1c257b2f22aba749463c04b1a420742eb92bc
2022-10-15 09:21:36
43
72
d943a4aabd76582218fd1a9a0a77b2f6a6715b198f9994f0feae6f249b40fdf9
2022-10-13 18:01:56
18
72
03309c90e6c60a2e3cd44374efa3003ae10cd9e05ba6a39c77aa5289b32cb969
2022-10-11 09:11:03
2
63
d15cecd1d8bf85a059dd6def0070dbd651a1aa96e3826c42c011ad33f39ce61e
2022-10-09 09:16:24
1
64
cf1256ae391410f7ebc785d180eb03ff36135cf8f9051b6d8c803386abdafb78
2022-10-07 10:18:55
21
55
449d87ca461823bb85c18102605e23997012b522c4272465092e923802a745e9
2022-10-07 10:12:30
28
67
dc56a30c0082145ad5639de443732e55dd895a5f0254644d1b1ec1b9457f04ff
2022-10-06 23:45:45
32
72
699aaea1598a034cde7ed88cd8a8a36fd59447e09bddef566357061774c48a76
2022-10-06 23:41:26
28
71
9a55f55886285eef7ffabdd55c0232d1458175b1d868c03d3e304ce7d98980bc
2022-10-02 03:14:01
1
61
d68ec5291d00e29cb2db4bf0d2ce37f467752a944fcd3c986fd32bc8472d5844
2022-09-29 13:21:05
16
68
cb182efaeb498a0b63a89204766754ef6f98bf55c954fdd83bea89f262d97289
2022-09-27 18:39:49
32
71
48976d7bf38cca4e952507e9ab27e3874ca01092eed53d0fde89c5966e9533bb
2022-09-13 16:39:00
37
71
affcb453760dbc48b39f8d4defbcc4fc65d00df6fae395ee27f031c1833abada
2022-09-13 16:38:25
47
71
cce74c82a718be7484abf7c51011793f2717cfb2068c92aa35416a93cbd13cfa
2022-08-10 10:49:10
46
71
ab1a3f8a0510ffa3c043bc200fe357c9ce220ea916f50b8b5b454027ef935c54
2022-07-31 12:03:09
49
71
9fce9ee85516533bae34fc1184a7cf31fa9f2c7889b13774f83d1df561708833
2022-07-25 14:51:57
47
71
203d2807df6ef531efbec7bfd109986de3e23df64c01ea4e337cbe5ba675248b
2022-07-12 08:56:07
48
65
1d040540c3c2ed8f73e04c578e7fb96d0b47d858bbb67e9b39ec2f4674b04250
2022-07-12 02:33:56
55
68
17205c43189c22dfcb278f5cc45c2562f622b0b6280dcd43cc1d3c274095eb90
2022-07-11 18:48:00
58
69
ae7c868713e1d02b4db60128c651eb1e3f6a33c02544cc4cb57c3aa6c6581b6e
2022-07-11 10:23:40
57
69
7883f01096db9bcf090c2317749b6873036c27ba92451b212b8645770e1f0b8a
2022-07-09 08:40:17
56
69
5d2204f3a20e163120f52a2e3595db19890050b2faa96c6cba6b094b0a52b0aa
2022-07-07 11:06:55
44
62
a54fef5fe2af58f5bd75c3af44f1fba22b721f34406c5963b19c5376ab278cd1
2022-07-01 21:43:22
53
68
5b6c3d277711d9f847be59b16fd08390fc07d3b27c7c6804e2170f456e9f1173

Rule Matches per Month (last 24 months)

THOR Logo  Scan your endpoints, forensic images or collected files with our portable scanner THOR
  Warning: Access to VALHALLA is rate-limited - once you prove unworthy, access gets denied
  Nextron Systems 2022