Overview

BlackSuit is a rebrand of the Royal group.

MalwareBazaar Intelligence Data

Hash Samples (First 50)

SHA256 MD5 First Seen Type Size
06ca930b3531eacf14bc... f5ac577b053621c5... 2026-06-13 zip 20.935.155
35f3ee553626b2267e4a... 87d5fbaa3cd64707... 2026-01-01 dll 26.836.992
d3abb9947cbe93297b50... 6e8d90bd91e2d4ed... 2025-07-04 zip 26.322.258
0db187e003c6f976ea51... 7ddd4afe03b938e7... 2025-05-27 msi 49.085.952
cbd70a7fab661abee699... 247aa9365ca9a5b2... 2025-05-20 exe 3.856.152
9c48e36b0ea519b37e44... 633350ddb9bf3d63... 2025-05-02 exe 3.305.275
eb12c198fc1b6ec79ea4... 6e30074c69357429... 2025-04-16 exe 3.230.720
804468073a39df06fb6d... 233464ea1411c7c4... 2025-01-24 zip 21.043.270
55eb32a530380afc0923... e23ab66cca77a49c... 2025-01-23 exe 3.404.288
94200b3b4792c019ebe7... bffddb889b7089cc... 2024-10-05 msi 30.109.696
2adcf43d221de2f72ba5... 57ebf50902949e13... 2024-08-01 exe 2.196.992
90ae0c693f6ffd6dc5bb... 748de52961d2f182... 2024-07-30 exe 2.343.424
9fbd818dc28ea5561278... 14f6e66efcbcc6ef... 2023-10-30 exe 2.840.576
1c849adcccad46433032... 9656cd12e3a85b86... 2023-05-03 elf 2.578.074

IOC Summary

  • This analysis covers 14 unique BlackSuit samples.
  • A total of 28 hash IOCs were recorded.
  • Campaign activity: observed between 2023-05-03 and 2026-06-13.

BlackSuit — Malware Profile

BlackSuit is the successor to Royal ransomware. Embedded Python 3.11 runtime. macOS + Windows. cpython311.dll. Cross-platform.

Malware Type
Ransomware
Programming Language
C++
C2 Protocol
Target Systems
Windows/Linux

Technical Details

Ransomware family: hybrid AES/RSA encryption, file extension changing, shadow copy deletion, key exchange with the C2, ransom note dropping, focus on user documents.

Capabilities & Behavior

File Encryption (AES/RSA)
Shadow Copy Deletion
Backup Removal
Ransom Note Creation
Persistence
Network Share Encryption
Anti-Analysis Techniques
Double Extortion (Data Leak)

IOC List (56 indicators)

IOC — BlackSuit