Rewterz Threat Alert – Virlock Ransomware – Active IOCs
June 2, 2022
Severity
High
Analysis Summary
Black Basta is a new ransomware that encrypts data stored on clients’ hard drives. It adds a .basta extension to the encrypted files, which makes them inaccessible to users. Black Basta automatically changes the desktop background and restarts the computer. After this process, victims are instructed to pay a ransom to restore their files. The ransom note is delivered as readme.txt.
Impact
- File Encryption
Indicators of Compromise
MD5
- a2086f41bc06adc69517bc0d9c07bf6e
SHA-256
- a9503a3d998e705c37d3bec7fea0ff188bcf7e753833c8b4b195e590c4ed9625
SHA-1
- 1d30388c1235da56a2f17d645f0a66ead7b59159
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.
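
One way to run the IOC search on a single host, as an added example that is not part of the original alert: it sweeps a directory tree for files matching the three hashes listed above and for files carrying the .basta extension. The function names `file_digests` and `sweep` are hypothetical; the hashes, extension and ransom note name are taken from this alert.

```python
import hashlib
import os

# Hashes copied from the Indicators of Compromise section of this alert.
IOC_HASHES = {
    "md5": {"a2086f41bc06adc69517bc0d9c07bf6e"},
    "sha1": {"1d30388c1235da56a2f17d645f0a66ead7b59159"},
    "sha256": {"a9503a3d998e705c37d3bec7fea0ff188bcf7e753833c8b4b195e590c4ed9625"},
}
ENCRYPTED_EXT = ".basta"    # extension named in the Analysis Summary
RANSOM_NOTE = "readme.txt"  # ransom note name from the Analysis Summary


def file_digests(path, chunk_size=1 << 20):
    """Stream a file once and hash it with every algorithm in IOC_HASHES."""
    hashers = {name: hashlib.new(name) for name in IOC_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def sweep(root):
    """Return a list of (path, reason) findings for files under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        names = {f.lower() for f in files}
        for name in files:
            path = os.path.join(dirpath, name)
            if name.lower().endswith(ENCRYPTED_EXT):
                # readme.txt is a common file name, so it is reported only as
                # context beside .basta files, never as a finding by itself.
                note = " (readme.txt in same directory)" if RANSOM_NOTE in names else ""
                findings.append((path, "encrypted-extension" + note))
                continue
            try:
                digests = file_digests(path)
            except OSError:
                continue  # unreadable or locked file: skip it, keep sweeping
            for algo, value in digests.items():
                if value in IOC_HASHES[algo]:
                    findings.append((path, f"hash-match:{algo}"))
                    break
    return findings
```

A hash match identifies only the exact sample listed in this alert, while a .basta finding indicates files that have already been encrypted.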