BlackByte Ransomware – Pt 2. Code Obfuscation Analysis
Tags
attack-pattern: Data Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Python - T1059.006 Tool - T1588.002 Powershell - T1086 Scripting - T1064 Scripting
Show in Graph
Common Information
Type Value
UUID d0572eb2-9477-4e5a-aa94-088de9c8e490
Fingerprint bc611351291d172c
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 15, 2021, midnight
Added to db Sept. 11, 2022, 12:37 p.m.
Last updated Nov. 18, 2024, 2:36 a.m.
Headline SpiderLabs Blog
Title BlackByte Ransomware – Pt 2. Code Obfuscation Analysis
Detected Hints/Tags/Attributes 28/1/4
Source URLs
Redirection Url
Details Source https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/blackbyte-ransomware-pt-2-code-obfuscation-analysis/
URL Provider
Details Provider Source level domain
Details trustwave.com www.trustwave.com
Attributes
Details Type #Events CTI Value
Details File 7 
formatters.bin
Details File 4 
ary.bin
Details File 1209 
powershell.exe
Details File 365 
console.log