← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Inside Black Basta: Ransomware Resilience and Evolution After the Leak
WHITE PetrP.73 2025-04-21 Modified: 2025-05-21
27
IOCs
MEDIUM VOLUME
The Black Basta ransomware group has demonstrated remarkable resilience and adaptability following a significant leak of their internal communications. This leak has provided deep insights into their operations, revealing how they exploit both known and unknown vulnerabilities across various network and security devices. The group's ability to evolve and persist in their attacks poses a substantial threat to organizations worldwide.
black bastamicrosoftcitrixesxipowershellstorm2410storm1674remote accesscommandlinebastaanydeskthisevolutionshellexploit
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Black Basta
Indicators of Compromise (27)
All CVE URL hostname FileHash-SHA256
TYPEINDICATORDESCRIPTIONCREATED
CVE CVE-2023-4966 2025-04-21
URL http://58.171.144.24:10002/ui/ 2025-04-21
URL https://79.141.1.193/sslvpn_logon.shtml 2025-04-21
URL https://darpan.kvs.REDACTED.in/rdweb/...;KVS@DLREDACTED 2025-04-21
URL https://start.elvyonline.nl/...;sdejong@elvyonline;e4256ohN 2025-04-21
hostname darpan.kvs.redacted.in 2025-04-21
hostname send.vis.ee 2025-04-21
FileHash-SHA256 021dc86311654b27e06079a10e3727bd0c91d27dcb1a6a74cd60bf21bc1ad8fd 2025-04-21
FileHash-SHA256 bf405f71411a666411061ca685c92c5ac2f5dcd823545f5785f5f5e7619f60ed 2025-04-21
URL https://send.vis.ee/download/146debb445669e94/ 2025-04-21
URL https://send.vis.ee/download/29ae177e1e555f6d/ 2025-04-21
URL https://send.vis.ee/download/2a732bc2b77d6e3d/ 2025-04-21
URL https://send.vis.ee/download/3cb7cb2cbde36a0b/ 2025-04-21
URL https://send.vis.ee/download/40f1345f2a67d51e/ 2025-04-21
URL https://send.vis.ee/download/431ac053dea07421/ 2025-04-21
URL https://send.vis.ee/download/45f343b9fc5d571b/ 2025-04-21
URL https://send.vis.ee/download/58068f6c262f9f66/ 2025-04-21
URL https://send.vis.ee/download/5b4f1ce9b39c2db8/ 2025-04-21
URL https://send.vis.ee/download/6e93cc8df58cd58e/ 2025-04-21
URL https://send.vis.ee/download/78dc2f1634c6b2e2/ 2025-04-21
URL https://send.vis.ee/download/7eea1b5e3ce4475d/ 2025-04-21
URL https://send.vis.ee/download/8935673a3f3d5622/ 2025-04-21
URL https://send.vis.ee/download/8be1d4d7422f9348/ 2025-04-21
URL https://send.vis.ee/download/a41418c4e7d3c4d9/ 2025-04-21
URL https://send.vis.ee/download/b0ab053e7be94117/ 2025-04-21
URL https://send.vis.ee/download/e395cb4126374db8/ 2025-04-21
URL https://send.vis.ee/icon.718f87fb.svg&fmlBlkTk 2025-04-21
References (1)
↗ https://medium.com/detect-fyi/inside-black-basta-ransomware-resilience-and-evolution-after-the-leak-1fd691e7cade