{
  "name": "Black Basta Ransomware: What You Need to Know",
  "slug": "black-basta-ransomware-what-you-need-to-know",
  "description": "Black Basta is a ransomware-as-a-service group that emerged in April 2022, known for double extortion tactics. They target organizations globally, particularly in North America, Europe, and Australia, affecting over 500 entities across various industries. Initial access is gained through phishing, Qakbot, Cobalt Strike, and vulnerability exploitation. The group uses tools like Mimikatz for credential theft and lateral movement. Their process involves data exfiltration using Rclone, followed by file encryption using the ChaCha20 algorithm. The ransomware disables system defenses, deletes shadow copies, and leaves a ransom note. Black Basta has been linked to the FIN7 threat actor due to similarities in EDR evasion techniques.",
  "published": "2024-09-20T09:21:00+00:00",
  "created_at": "2024-09-20T09:21:00+00:00",
  "modified_at": "2024-09-20T09:41:17+00:00",
  "created_at_opencti": "2024-09-20T09:21:00+00:00",
  "author": "",
  "confidence": null,
  "report_types": [],
  "labels": [],
  "tags": [
    "2024-09-20",
    "black basta",
    "ransomware"
  ],
  "related_entities": {
    "observables": [
      {
        "id": "",
        "name": "kekeoamigo.com"
      },
      {
        "id": "",
        "name": "f14c7eacdb39f1decdcf1e68f57c87340968fede1dc0391b2b082f58bd3a3f93"
      },
      {
        "id": "",
        "name": "df9498892ae72f611128c9a8bc57b93964f34cc235f5aaf57fe10fb2b3c69aa3"
      },
      {
        "id": "",
        "name": "dd32c037ed9b72acb6eda4f5193c7f1adc1e7e8d2aefcdd4b16de2f48420e1d3"
      },
      {
        "id": "",
        "name": "dc56a30c0082145ad5639de443732e55dd895a5f0254644d1b1ec1b9457f04ff"
      },
      {
        "id": "",
        "name": "d943a4aabd76582218fd1a9a0a77b2f6a6715b198f9994f0feae6f249b40fdf9"
      },
      {
        "id": "",
        "name": "d8e9e06b7adea939bcc135876f4e8a1d3719120e8ad9d4d72812ffd1dbee62fc"
      },
      {
        "id": "",
        "name": "d1949c75e7cb8e57f52e714728817ce323f6980c8c09e161c9e54a1e72777c13"
      },
      {
        "id": "",
        "name": "cce74c82a718be7484abf7c51011793f2717cfb2068c92aa35416a93cbd13cfa"
      },
      {
        "id": "",
        "name": "b18b40f513bae376905e259d325c12f9d700ee95f0d908a4d977a80c0420d52e"
      },
      {
        "id": "",
        "name": "affcb453760dbc48b39f8d4defbcc4fc65d00df6fae395ee27f031c1833abada"
      },
      {
        "id": "",
        "name": "ab913b3bb637447f33add3c7020d353389738e4d532b905caed04c7c7f399277"
      },
      {
        "id": "",
        "name": "ab1a3f8a0510ffa3c043bc200fe357c9ce220ea916f50b8b5b454027ef935c54"
      },
      {
        "id": "",
        "name": "a54fef5fe2af58f5bd75c3af44f1fba22b721f34406c5963b19c5376ab278cd1"
      },
      {
        "id": "",
        "name": "a199c9d91a1e7c7051ec40f0a3a51143aa9f06af47a2a5f0e2dd235d7e1fe386"
      },
      {
        "id": "",
        "name": "9f948af3a30f125dcd24d8a628b3a18c66b3d72baede8496ee735cbdfd9cf0c7"
      },
      {
        "id": "",
        "name": "9f188b2f4aa6a5ff3a6fb9048a20c5566f25bd9fb313ed1ba1d332fadd82690f"
      },
      {
        "id": "",
        "name": "7883f01096db9bcf090c2317749b6873036c27ba92451b212b8645770e1f0b8a"
      },
      {
        "id": "",
        "name": "699aaea1598a034cde7ed88cd8a8a36fd59447e09bddef566357061774c48a76"
      },
      {
        "id": "",
        "name": "5b6c3d277711d9f847be59b16fd08390fc07d3b27c7c6804e2170f456e9f1173"
      },
      {
        "id": "",
        "name": "53a06b78d89fe3f981ff32cd7a66f31e099d4bbaac36d7c64ed08d615d314408"
      },
      {
        "id": "",
        "name": "5211ad84270862e68026ce8e6c15c1f8499551e19d2967c349b46d3f8cfcdcaa"
      },
      {
        "id": "",
        "name": "50f45122fdd5f8ca05668a385a734a278aa126ded185c3377f6af388c41788cb"
      },
      {
        "id": "",
        "name": "4b83aaecddfcb8cf5caeff3cb30fee955ecfc3eea97d19dccf86f24c77c41fc4"
      },
      {
        "id": "",
        "name": "48976d7bf38cca4e952507e9ab27e3874ca01092eed53d0fde89c5966e9533bb"
      },
      {
        "id": "",
        "name": "46be54f719ee76af15099de6e337b05a0a442c813e815bbed92a71135cfd9ab2"
      },
      {
        "id": "",
        "name": "449d87ca461823bb85c18102605e23997012b522c4272465092e923802a745e9"
      },
      {
        "id": "",
        "name": "3eb22320da23748f76f2ce56f6f627e4255bc81d09ffb3a011ab067924d8013b"
      },
      {
        "id": "",
        "name": "21033cd24a9d775d7daa7bbc5c5b007553f205ac0febb6bae3fa35c700676bda"
      },
      {
        "id": "",
        "name": "203d2807df6ef531efbec7bfd109986de3e23df64c01ea4e337cbe5ba675248b"
      },
      {
        "id": "",
        "name": "1ed076158c8f50354c4dba63648e66c013c2d3673d76ac56582204686aae6087"
      },
      {
        "id": "",
        "name": "1d040540c3c2ed8f73e04c578e7fb96d0b47d858bbb67e9b39ec2f4674b04250"
      },
      {
        "id": "",
        "name": "15abbff9fbce7f5782c1654775938dcd2ce0a8ebd683a008547f8a4e421888c4"
      },
      {
        "id": "",
        "name": "1391c20a26f248f7c602f20096bf1886cfe7e4d151602a1258a9bbe7c02c1c80"
      },
      {
        "id": "",
        "name": "0db7a0327192710c403e021cbfc3902d75c729b3ba59d87159bf8f59a151a481"
      },
      {
        "id": "",
        "name": "0da309cc4f0d21c76c26d7b4f1c65bb1659908f191edb01d76ff22c8dabef0b1"
      },
      {
        "id": "",
        "name": "0c964ac2f65f270eb19982b04ae346e72976bdf19b88ffd2308700dcce2b5ec0"
      },
      {
        "id": "",
        "name": "0bce6dc27d2cbdc231b563427c3489ddc69a0a88012abccd49b32c931dd93a81"
      },
      {
        "id": "",
        "name": "09bc7247b50a166996b667b9a6e696cfbafa203ffcbec46ad0cca27deacd5c25"
      },
      {
        "id": "",
        "name": "fff35c2da67eef6f1a10c585b427ac32e7f06f4e4460542207abcd62264e435f"
      },
      {
        "id": "",
        "name": "fafaff3d665b26b5c057e64b4238980589deb0dff0501497ac50be1bc91b3e08"
      },
      {
        "id": "",
        "name": "f039eaaced72618eaba699d2985f9e10d252ac5fe85d609c217b45bc8c3614f4"
      },
      {
        "id": "",
        "name": "e28188e516db1bda9015c30de59a2e91996b67c2e2b44989a6b0f562577fd757"
      },
      {
        "id": "",
        "name": "df5b004be71717362e6b1ad22072f9ee4113b95b5d78c496a90857977a9fb415"
      },
      {
        "id": "",
        "name": "d73f6e240766ddd6c3c16eff8db50794ab8ab95c6a616d4ab2bc96780f13464d"
      },
      {
        "id": "",
        "name": "d15bfbc181aac8ce9faa05c2063ef4695c09b718596f43edc81ca02ef03110d1"
      },
      {
        "id": "",
        "name": "b32daf27aa392d26bdf5faafbaae6b21cd6c918d461ff59f548a73d447a96dd9"
      },
      {
        "id": "",
        "name": "ae7c868713e1d02b4db60128c651eb1e3f6a33c02544cc4cb57c3aa6c6581b6e"
      },
      {
        "id": "",
        "name": "acb60f0dd19a9a26aaaefd3326db8c28f546b6b0182ed2dcc23170bcb0af6d8f"
      },
      {
        "id": "",
        "name": "a7b36482ba5bca7a143a795074c432ed627d6afa5bc64de97fa660faa852f1a6"
      },
      {
        "id": "",
        "name": "9a55f55886285eef7ffabdd55c0232d1458175b1d868c03d3e304ce7d98980bc"
      },
      {
        "id": "",
        "name": "96339a7e87ffce6ced247feb9b4cb7c05b83ca315976a9522155bad726b8e5be"
      },
      {
        "id": "",
        "name": "90ba27750a04d1308115fa6a90f36503398a8f528c974c5adc07ae8a6cd630e7"
      },
      {
        "id": "",
        "name": "88c8b472108e0d79d16a1634499c1b45048a10a38ee799054414613cc9dccccc"
      },
      {
        "id": "",
        "name": "882019d1024778e13841db975d5e60aaae1482fcf86ba669e819a68ce980d7d3"
      },
      {
        "id": "",
        "name": "86a4dd6be867846b251460d2a0874e6413589878d27f2c4482b54cec134cc737"
      },
      {
        "id": "",
        "name": "723d1cf3d74fb3ce95a77ed9dff257a78c8af8e67a82963230dd073781074224"
      },
      {
        "id": "",
        "name": "7ad4324ea241782ea859af12094f89f9a182236542627e95b6416c8fb9757c59"
      },
      {
        "id": "",
        "name": "69192821f8ce4561cf9c9cb494a133584179116cb2e7409bea3e18901a1ca944"
      },
      {
        "id": "",
        "name": "5d2204f3a20e163120f52a2e3595db19890050b2faa96c6cba6b094b0a52b0aa"
      },
      {
        "id": "",
        "name": "62e63388953bb30669b403867a3ac2c8130332cf78133f7fd4a7f23cdc939087"
      },
      {
        "id": "",
        "name": "5b2178c7a0fd69ab00cef041f446e04098bbb397946eda3f6755f9d94d53c221"
      },
      {
        "id": "",
        "name": "5942143614d8ed34567ea472c2b819777edd25c00b3e1b13b1ae98d7f9e28d43"
      },
      {
        "id": "",
        "name": "58ddbea084ce18cfb3439219ebcf2fc5c1605d2f6271610b1c7af77b8d0484bd"
      },
      {
        "id": "",
        "name": "51eb749d6cbd08baf9d43c2f83abd9d4d86eb5206f62ba43b768251a98ce9d3e"
      },
      {
        "id": "",
        "name": "462bbb8fd7be98129aa73efa91e2d88fa9cafc7b47431b8227d1957f5d0c8ba7"
      },
      {
        "id": "",
        "name": "42f05f5d4a2617b7ae0bc601dd6c053bf974f9a337a8fcc51f9338b108811b78"
      },
      {
        "id": "",
        "name": "3c50f6369f0938f42d47db29a1f398e754acb2a8d96fd4b366246ac2ccbe250a"
      },
      {
        "id": "",
        "name": "39939eacfbc20a2607064994497e3e886c90cd97b25926478434f46c95bd8ead"
      },
      {
        "id": "",
        "name": "37a5cd265f7f555f2fe320a68d70553b7aa9601981212921d1ac2c114e662004"
      },
      {
        "id": "",
        "name": "360c9c8f0a62010d455f35588ef27817ad35c715a5f291e43449ce6cb1986b98"
      },
      {
        "id": "",
        "name": "350ba7fca67721c74385faff083914ecdd66ef107a765dfb7ac08b38d5c9c0bd"
      },
      {
        "id": "",
        "name": "3337a7a9ccdd06acdd6e3cf4af40d871172d0a0e96fc48787b574ac93689622a"
      },
      {
        "id": "",
        "name": "3090a37e591554d7406107df87b3dc21bda059df0bc66244e8abef6a5678af35"
      },
      {
        "id": "",
        "name": "1c1b2d7f790750d60a14bd661dae5c5565f00c6ca7d03d062adcecda807e1779"
      },
      {
        "id": "",
        "name": "17879ed48c2a2e324d4f5175112f51b75f4a8ab100b8833c82e6ddb7cd817f20"
      },
      {
        "id": "",
        "name": "17205c43189c22dfcb278f5cc45c2562f622b0b6280dcd43cc1d3c274095eb90"
      },
      {
        "id": "",
        "name": "0a8297b274aeab986d6336b395b39b3af1bb00464cf5735d1ecdb506fef9098e"
      },
      {
        "id": "",
        "name": "07117c02a09410f47a326b52c7f17407e63ba5e6ff97277446efc75b862d2799"
      },
      {
        "id": "",
        "name": "05ebae760340fe44362ab7c8f70b2d89d6c9ba9b9ee8a9f747b2f19d326c3431"
      },
      {
        "id": "",
        "name": "0554eb2ffa3582b000d558b6950ec60e876f1259c41acff2eac47ab78a53e94a"
      },
      {
        "id": "",
        "name": "1fd42d07b4be99e0e503c0ed5af2274312be1b03e01b54a6d89c0eef04257d6e"
      }
    ],
    "malware": [
      {
        "id": "legacy:malware:4b474c7d91ebdc7d",
        "name": "Black Basta - S1070",
        "slug": "black-basta-s1070"
      },
      {
        "id": "legacy:malware:377bd4885db797c7",
        "name": "QuackBot",
        "slug": "quackbot"
      },
      {
        "id": "legacy:malware:ecd8aac2625e41b0",
        "name": "Pinkslipbot",
        "slug": "pinkslipbot"
      },
      {
        "id": "legacy:malware:22b21da1c67d36f3",
        "name": "QakBot - S0650",
        "slug": "qakbot-s0650"
      },
      {
        "id": "25c206e0-ce3f-45db-ac64-14247e93d44a",
        "name": "SystemBC",
        "slug": "systembc"
      },
      {
        "id": "legacy:malware:45b112b45fbe9a59",
        "name": "QBot",
        "slug": "qbot"
      },
      {
        "id": "ab138766-9b64-4880-87fb-1942a709d778",
        "name": "Cobalt Strike - S0154",
        "slug": "cobalt-strike-s0154"
      }
    ],
    "intrusion_sets": [
      {
        "id": "1a54c017-233a-4c2a-8a82-5511f51d03a8",
        "name": "Black Basta",
        "slug": "black-basta"
      }
    ],
    "attack_patterns": [
      {
        "id": "b15c00da-c412-4429-900c-659de612baf5",
        "name": "T1543.003"
      },
      {
        "id": "ecaaa4cc-d487-4002-bcb2-f769acfcc38f",
        "name": "T1490"
      },
      {
        "id": "6b2e0999-c7e8-4662-94ac-19aa8520ee46",
        "name": "T1059.003"
      },
      {
        "id": "32b33067-6566-4b8d-be80-e96f765d84de",
        "name": "T1059.001"
      },
      {
        "id": "32817170-4c07-427e-b8a5-80a733ae2550",
        "name": "T1497"
      },
      {
        "id": "7364ca96-72bf-4b7f-afef-ce2583b1ed58",
        "name": "T1562.001"
      },
      {
        "id": "196f2a64-c55b-47a6-8e38-beb76ba700b6",
        "name": "T1204.002"
      },
      {
        "id": "f1bb7823-4f4b-4565-b472-bf0cfca467b1",
        "name": "T1486"
      },
      {
        "id": "45082a8e-9c79-470e-ad1b-decac7188e8f",
        "name": "T1083"
      },
      {
        "id": "67c697ce-a6cc-475f-9bee-e14c1bef7067",
        "name": "T1047"
      },
      {
        "id": "7d7ac733-6442-416f-8669-c302dd0843b9",
        "name": "T1036"
      },
      {
        "id": "09124a92-c11f-4571-b35b-ab0bce6dd081",
        "name": "T1112"
      },
      {
        "id": "d9b45b3b-d093-4016-89e9-48f31ff4d05d",
        "name": "T1566"
      },
      {
        "id": "6c8f8a40-2746-4a37-86bd-81e82afa6e62",
        "name": "T1190"
      },
      {
        "id": "64cdebc9-0fb4-48f2-bf4f-b87f3741f664",
        "name": "T1068"
      }
    ],
    "vulnerabilities": [
      {
        "id": "",
        "name": "CVE-2021-42287"
      },
      {
        "id": "",
        "name": "CVE-2021-42278"
      },
      {
        "id": "",
        "name": "CVE-2024-26169"
      },
      {
        "id": "",
        "name": "CVE-2024-1709"
      },
      {
        "id": "",
        "name": "CVE-2021-34527"
      },
      {
        "id": "",
        "name": "CVE-2020-1472"
      }
    ],
    "others": [
      {
        "id": "",
        "name": "Australia"
      },
      {
        "id": "",
        "name": "United States of America"
      },
      {
        "id": "",
        "name": "Critical Infrastructure"
      }
    ]
  },
  "external_refs": [
    "https://blog.qualys.com/vulnerabilities-threat-research/2024/09/19/black-basta-ransomware-what-you-need-to-know",
    "https://otx.alienvault.com/pulse/66ed5a9c197554aebcf74460"
  ]
}