Black Basta Analysisinfo

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (11)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en12

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

US: USA8
RU: Russia2
CN: China2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

Black Basta2
RedLine Stealer1
Moobot1

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined4
Chip Software2
Content Management System2
SCADA Software2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Qualcomm2
Joomla2
Web Wiz2
Not Defined2
Nordex2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Qualcomm Snapdragon Mobile2
Qualcomm Snapdragon Compute2
Qualcomm Snapdragon Auto2
Qualcomm Snapdragon IOT2
Qualcomm Snapdragon Connectivity2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Web Wiz Guestbook access control5.35.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.008520.03CVE-2003-1571
2cpLinks sql injection7.37.1$0-$5k$0-$5kHighUnavailable0.003120.00CVE-2008-2180
3Nordex Control 2 SCADA Wind Farm Portal Application cross site scripting4.34.1$5k-$25k$0-$5kProof-of-ConceptNot Defined0.001590.03CVE-2015-6477
4SWsoft Plesk Login login.php3 path traversal5.34.8$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.016300.03CVE-2007-2268
5Qualcomm Snapdragon Mobile Sahara Protocol buffer overflow5.55.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.000690.09CVE-2021-30327
6Magento sql injection8.58.4$0-$5k$0-$5kNot DefinedOfficial Fix0.171750.02CVE-2019-7139
7Microsoft Windows LDAP Remote Code Execution9.88.9$25k-$100k$5k-$25kUnprovenOfficial Fix0.006870.04CVE-2022-29130
8Joomla CMS index.php sql injection7.37.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.001350.00CVE-2010-4696
9Dodos Scripts dodosmail dodosmail.php file inclusion7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.159560.00CVE-2006-5841
10Matomo safemode.twig Path information disclosure4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.001050.00CVE-2019-12215

Campaigns (3)

These are the campaigns that can be associated with the actor:

IOC - Indicator of Compromise (101)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
15.62.43.252r-252-43-62-5.consumer-pool.prcdn.netBlack Basta03/07/2023verifiedHigh
25.196.124.228ip228.ip-5-196-124.euBlack Basta03/07/2023verifiedHigh
35.199.162.220Black Basta11/20/2024verifiedVery High
423.26.137.225Black BastaCVE-2024-1708 / CVE-2024-170901/24/2025verifiedVery High
523.81.246.84Black Basta11/20/2024verifiedVery High
623.106.160.188Black Basta07/30/2022verifiedMedium
723.227.178.6523-227-178-65.static.hvvc.usBlack Basta11/20/2024verifiedVery High
824.49.232.9624-49-232-96.resi.cgocable.caBlack BastaQbot11/23/2022verifiedLow
924.64.114.59S0106b06ebfd79790.cg.shawcable.netBlack BastaQbot11/23/2022verifiedLow
1024.178.196.44024-178-196-044.biz.spectrum.comBlack Basta10/05/2022verifiedMedium
1137.186.54.185Black Basta10/05/2022verifiedMedium
1239.44.144.182Black Basta10/05/2022verifiedMedium
1345.63.1.8845.63.1.88.vultrusercontent.comBlack Basta10/05/2022verifiedLow
1445.67.229.148renoldgavrilov93.example.comFIN7Black Basta11/08/2022verifiedMedium
1545.87.154.208vm1075965.stark-industries.solutionsBlack Basta03/07/2023verifiedHigh
1645.133.216.39vm627637.stark-industries.solutionsBlack Basta03/07/2023verifiedHigh
1745.153.241.167Black Basta03/07/2023verifiedHigh
1846.22.211.151ns6.printembrace.comBlack Basta12/27/2023verifiedHigh
1946.166.161.68Black Basta11/20/2024verifiedVery High
2046.166.161.93Black Basta11/20/2024verifiedVery High
2146.176.222.241ppp046176222241.access.hol.grBlack Basta10/05/2022verifiedLow
22XX.XX.XX.XXXxxx-xxxxxxxx.xxxxxx.xxxxxxxxx.xxxXxxxx Xxxxx10/05/2022verifiedMedium
23XX.XX.XX.XXXxx-xx-xx-xxx.xxxxxx.xxxx.xxXxxxx Xxxxx03/07/2023verifiedHigh
24XX.XX.X.XXXxxxx-xxxx-xxxxxxxxxxx-xxx-xx-xx-xx-x-xxx.xxx.xxxx.xxXxxxx XxxxxXxxx11/23/2022verifiedLow
25XX.XX.XX.XXXxxxxxxxxxxxxxxxxx.xx.xxxxxxxxx.xxxXxxxx XxxxxXxxx11/23/2022verifiedLow
26XX.XX.XXX.XXxx-xx-xxx-xx.xxxx.xxxxxxxxxxxx.xxxXxxxx Xxxxx10/05/2022verifiedMedium
27XX.XX.XX.XXxxxx-xx-xx-xx-xx.xxxxxx.xxxx.xxxxxxx.xxxXxxxx Xxxxx10/05/2022verifiedMedium
28XX.XXX.XXX.XXXxxxx Xxxxx10/05/2022verifiedMedium
29XX.XXX.XXX.XXXXxxxx Xxxxx10/05/2022verifiedMedium
30XX.XX.XXX.XXXx-xx-xx-xxx-xxx.xxxx.xx.xxxxxxx.xxxXxxxx Xxxxx10/05/2022verifiedMedium
31XX.XX.XXX.XXXx-xx-xx-xxx-xxx.xxxx.xx.xxxxxxx.xxxXxxxx XxxxxXxxx11/23/2022verifiedMedium
32XX.XX.XXX.XXxx-xx-xxx-xx.xxx.xxxxxxxx.xxxXxxxx XxxxxXxxx11/23/2022verifiedMedium
33XX.XX.XXX.XXxxx-xxxxxxxx.xxxxxx.xxxxxxxxx.xxxXxxxx Xxxxx10/05/2022verifiedMedium
34XX.XXX.XXX.XXXxxx-xxx-xxx-xxx.xxx.xxxxxxxx.xxxXxxxx XxxxxXxxx11/23/2022verifiedMedium
35XX.X.XXX.XXXxxxx-xx-x-xxx-xxxXxxxx XxxxxXxxx11/23/2022verifiedMedium
36XX.XXX.XXX.XXXxx-xxx-xxx.xxxxxxxx.xxxXxxxx Xxxxx03/07/2023verifiedHigh
37XX.XX.XX.XXXxxxxxxxxx-xxxxxx-x-x-xxxxxxx.xx-x.xxxxx.xxxxxxx.xxxXxxxx XxxxxXxxx11/23/2022verifiedLow
38XX.XX.XXX.XXXxxxx-xx-xx-xxxxx-xxxxxx-xxxxxxx.xxx.xxxxx.xxxxxxx.xxxXxxxx XxxxxXxxx11/23/2022verifiedLow
39XX.XXX.XXX.XXxxxxxxxxxxx-xxx-x-xxx-xx.xxx-xxx.xxx.xxxxxxx.xxXxxxx XxxxxXxxx11/23/2022verifiedMedium
40XX.XXX.XX.XXxx-xx.xxx.xx.xx.xxx.xxXxxxx XxxxxXxxx11/23/2022verifiedMedium
41XX.XXX.XXX.Xxxxxxx-xxx-xxx-x.xxxxxxx-xxx.xxxxxxxxxxxxx.xxxXxxxx XxxxxXxxx11/23/2022verifiedMedium
42XX.XXX.XX.XXxx.xx.xxx.xx.xxxxxxx.xxxxxxx.xxXxxxx XxxxxXxxx11/23/2022verifiedLow
43XX.XXX.XXX.XXXxx.xxx.xxx.xxx.xxxxxxxxx-xxxXxxxx Xxxxx03/07/2023verifiedHigh
44XX.XX.XX.XXXxxxx-xxx-x-xxxx-xxx.xxx-xx.xxx.xxxxxxx.xxXxxxx XxxxxXxxx11/23/2022verifiedMedium
45XX.XXX.XXX.XXxx-xxx-xxx-xx.xxxx.xxxxxx.xxxXxxxx XxxxxXxxx11/23/2022verifiedMedium
46XX.XXX.XXX.XXXxxx.xxxxxx-xxx-xxx.xxxxxxx.xxxxxx.xxXxxxx XxxxxXxxx11/23/2022verifiedLow
47XX.XXX.XXX.XXXXxxxx XxxxxXxxx11/23/2022verifiedMedium
48XX.XXX.XX.XXXXxxxx Xxxxx11/20/2024verifiedVery High
49XX.XXX.XX.XXXxxxx Xxxxx11/20/2024verifiedVery High
50XX.XX.XX.XXXxxxxxxx-xxxxxxx.xxxx.xxxxxx.xxXxxxx XxxxxXxxx11/23/2022verifiedLow
51XX.XXX.XXX.XXXxx.xxx.xxx.xxx.xxxxxxxxxxxxxxxx.xxxXxxxx Xxxxx03/07/2023verifiedMedium
52XX.XXX.XXX.XXXxxxx Xxxxx03/07/2023verifiedHigh
53XXX.XXX.XXX.XXXxxx.xxx.xxx.xxx.xxxxx.xx.xxXxxxx Xxxxx10/05/2022verifiedMedium
54XXX.XXX.XXX.XXXxxx-xxx-xxx-xxx.xxxxx.xxx.xxxxxxxx.xxxXxxxx XxxxxXxxx11/23/2022verifiedLow
55XXX.XX.XXX.XXXxxxxxx-xxx-xx-xxx-xxx.xxxxxxxxx.xxXxxxx XxxxxXxxx11/23/2022verifiedMedium
56XXX.XXX.XXX.XXXxxxx XxxxxXxxx11/23/2022verifiedMedium
57XXX.XXX.X.XXXxxxxxxx.x.xxx.xxxx.xxXxxxx Xxxxx03/07/2023verifiedHigh
58XXX.XXX.XXX.XXXXxxxx Xxxxx03/07/2023verifiedHigh
59XXX.XX.X.XXXXxxxx Xxxxx10/05/2022verifiedMedium
60XXX.XXX.XXX.XXXxxx-xxx-xxx-xxx.xxxxx.xx-x.xxxx-xxxx.xxxx.xx.xxxxx.xxxxxxxxxxx.xxxXxxxx XxxxxXxxx11/23/2022verifiedLow
61XXX.XXX.XXX.XXXxxxx-xxx-xxx-xxx.xxxxxx.xxxxx.xxxXxxxx XxxxxXxxx11/23/2022verifiedMedium
62XXX.XX.XXX.XXXXxxxx Xxxxx02/23/2024verifiedHigh
63XXX.XXX.XXX.XXXxxx-xxx-xxx-xxx.xx.xxxxxxxxxxxxxxxxx.xxxXxxxx Xxxxx03/07/2023verifiedMedium
64XXX.XXX.XX.XXXxxxxxxxxxxx-xxxx-xxx-xx-xxx.xxxxxxx.xxxxxxx.xxxXxxxx XxxxxXxxx11/23/2022verifiedLow
65XXX.XXX.XX.XXXxxx.xxx.xx.xxx.xxxxxxxxxxxxxxxx.xxxXxxxx XxxxxXxxx11/23/2022verifiedLow
66XXX.XX.XX.XXXxxxx Xxxxx02/23/2024verifiedHigh
67XXX.XX.XX.XXXXxxxx Xxxxx11/20/2024verifiedVery High
68XXX.X.XX.XXxx.xx.x.xxx.x.xxx.xxxxx.xxx.xxXxxxx Xxxxx10/05/2022verifiedMedium
69XXX.XXX.XX.XXXXxxxx XxxxxXxxx11/23/2022verifiedMedium
70XXX.XX.XX.XXXXxxxx Xxxxx11/20/2024verifiedVery High
71XXX.XX.XXX.XXXXxxxx XxxxxXxx-xxxx-xxxx / Xxx-xxxx-xxxx02/28/2024verifiedVery High
72XXX.XXX.XXX.XXXXxxxx Xxxxx02/23/2024verifiedHigh
73XXX.XXX.XXX.XXXXxxxx Xxxxx03/07/2023verifiedHigh
74XXX.XX.XXX.XXXXxxxx Xxxxx10/05/2022verifiedMedium
75XXX.XXX.XX.XXXxxxx XxxxxXxxx11/23/2022verifiedMedium
76XXX.XX.XXX.XXXxxx-xxx-xx-xxx-xxx.xxxxx.xxx.xx.xxxXxxxx XxxxxXxxx11/23/2022verifiedMedium
77XXX.XXX.XXX.XXXxxx-xxx-xxx-xxx-xxx.xxxx.xxx.xx.xxxXxxxx Xxxxx10/05/2022verifiedMedium
78XXX.XXX.XX.XXxxxxxxxxxxxxxxx-xxxxxxxxxxxxxx.xxx.xxx.xxxxx.xxxxxx.xxxXxxxx XxxxxXxxx11/23/2022verifiedLow
79XXX.XX.XXX.XXxx-xxx-xx-xxx-xx.xx.xxxxxxxx.xxXxxxx Xxxxx03/07/2023verifiedHigh
80XXX.XX.XXX.XXXXxxxx Xxxxx03/07/2023verifiedHigh
81XXX.XXX.XX.XXxx.xx.xxx.xxx.xxxxxxx.xx.xxx.xxXxxxx Xxxxx10/05/2022verifiedMedium
82XXX.XXX.XXX.XXXxxx.xxx.xxx.xxx.xxxxxxx.xxxxxxxxxx.xxXxxxx XxxxxXxxx11/23/2022verifiedMedium
83XXX.XX.XX.XXXxxxx Xxxxx03/07/2023verifiedHigh
84XXX.XXX.XX.XXXxxxx Xxxxx03/07/2023verifiedHigh
85XXX.XXX.XXX.XXXxxx.xxx.xxx.xxx.xxxxxxxxx.xxxx.xxxXxxxx Xxxxx03/07/2023verifiedHigh
86XXX.XXX.X.XXXxxxx Xxxxx03/07/2023verifiedHigh
87XXX.XXX.XX.XXXXxxxx Xxxxx03/07/2023verifiedHigh
88XXX.XXX.XX.XXXxxxx.xxxxxxxxxxxxxx.xxxxXxxxx Xxxxx03/07/2023verifiedHigh
89XXX.XXX.XXX.XXXXxxxx Xxxxx10/05/2022verifiedMedium
90XXX.XX.XXX.XXXxxx-xx-xxx-xxx.xx.xxxxxxxxxxxxxxxxx.xxxXxxxx Xxxxx11/20/2024verifiedHigh
91XXX.XX.XX.XXXXxxxx Xxxxx03/07/2023verifiedHigh
92XXX.XX.XX.XXXXxxxx Xxxxx03/07/2023verifiedHigh
93XXX.XX.XX.XXXXxxxx Xxxxx03/07/2023verifiedHigh
94XXX.XXX.X.XXXXxxxx Xxxxx03/07/2023verifiedHigh
95XXX.XXX.XXX.XXXxxxxxxxxxxx.xxxxxxxx.xxxXxxxx XxxxxXxx-xxxx-xxxx / Xxx-xxxx-xxxx02/28/2024verifiedVery High
96XXX.XX.XX.XXXxxx.xx.xx-xxx.xxx.xxx.xxxxx.xxxXxxxx XxxxxXxxx11/23/2022verifiedLow
97XXX.XXX.XX.XXXxxx.xxx.xx.xxx.xxxxxxxxxxxxxxxx.xxxXxxxx XxxxxXxx-xxxx-xxxx / Xxx-xxxx-xxxx02/28/2024verifiedHigh
98XXX.XXX.XXX.XXXxxx-xxx-xxx-xxx.xxxxxx.xxxx.xxXxxxx Xxxxx11/20/2024verifiedVery High
99XXX.XXX.XXX.XXxxx.xxx.xxx.xx.xxxxxxxxxxxxxxxx.xxxXxxxx Xxxxx03/07/2023verifiedMedium
100XXX.XXX.XXX.XXXXxxxx Xxxxx03/07/2023verifiedHigh
101XXX.XXX.XXX.XXxxxxxxxxxxxxxx-xxx-x-x-xx.xxxx-xxx.xxx.xxxxxxx.xxXxxxx Xxxxx10/05/2022verifiedMedium

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassVulnerabilitiesAccess VectorTypeConfidence
1T1006CAPEC-126CWE-22Path TraversalpredictiveHigh
2TXXXX.XXXCAPEC-XXXCWE-XXXxxxx Xxxxx Xxxx XxxxxxxxxpredictiveHigh
3TXXXXCWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
4TXXXXCAPEC-XXXCWE-XXXxx XxxxxxxxxpredictiveHigh
5TXXXXCAPEC-XXXCWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (7)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1Filedodosmail.phppredictiveHigh
2Fileindex.phppredictiveMedium
3Filexxxxx.xxxxpredictiveMedium
4Filexxxxxxx/xxxxxxxxxxxxxxxx/xxxxxxxxx/xxxxxxxx.xxxxpredictiveHigh
5Argumentxxxxx_xxxxxxxxpredictiveHigh
6Argumentxxxxxx_xxxxx_xxxpredictiveHigh
7Argumentxxxxxx_xxpredictiveMedium

References (10)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

This view requires CTI permissions

Just purchase a CTI license today!