Ransomware - BlackNevas

BlackNevas (Active)
Aliases
Trial Recovery
Trial_recovery
Description

This entry is under construction. However, we have included some details below.

Ransomware Type
Crypto-Ransomware
Data Broker
HumOR
First Seen
Lineage
Trigona
Alliances & Associations
Type
Alliance/Association
Operator(s) Affiliate
Blackout
Operator(s) Affiliate
DragonForce
Operator(s) Affiliate
EMBARGO
Operator(s) Affiliate
Hunter's International
Operator(s) Affiliate
KillSec
Operator(s) Affiliate
MADDLL32
Extortion Links
Moyen
Lien
TOR
http://ctyfftrjgtwdjzlgqh4avbd35sqrs6tde4oyam2ufbjch6oqpqtkdtid.onion
Extortion Types
Data Auctions
Direct Extortion
Double Extortion
Doxxing
Free Data Leaks
Legal Assistance
Negotiation Leaks
Victim Client Communication
Moyen
Identifiant
Email
[email protected]
Email
[email protected]
Email
[email protected]
Email
[email protected]
Email
[email protected]
Email
[email protected]
Email
[email protected]
Email
[email protected]
Email
[email protected]
Email
[email protected]
Email
[email protected]
Email
[email protected]
Email
[email protected]
Email
[email protected]
Telegram
https://t.me/BlackNevas
Encryption
Type
Hybrid
Files
AES-256-CBC
Key
RSA-4096
File Extension
trial-recovery.[random alphanumeric string>.,random alphanumeric string>.-ENCRYPTED
trial-recovery.[random alphanumeric string>.,random alphanumeric string>.-encrypted
trial-recovery.[random alphanumeric string>.,random alphanumeric string>.-erased
Ransom Note Name
how_to_decrypt.txt
23642a78addcffd124db133a2dd2fcd2d1bdb060dd1e41da33cb18eec7a88867
2b9fe8a2629727470be1c928f7c9be7e2ea6cc22fb12f971902bf9cea8b16afb
360758c296310ba428d0d52c90e31c05fc43d5889282fa840283cf468f2378e8
3d09e930305cb3aa4ca54a39b0e3749f083d432f202606c8adac8455014b47fc
43f145fccec00f1e100ec3377eaf0ab60df3b9c5291b8011e05141cc04704be1
49fcbd606ff10d4661e222b8910ab7829d1668e3c97f1bab7eb51e8ec7d799a5
501821a19ccf59830789849beff94238736adb4b213870a511890c5c8efab2a6
623f3e98908962669e48edd414dbb67e9d4e204f677998fdcc9c2d790816a67f
713392f009bc133f24b3271379a4ac147e1a7782b6a1ac957c1fda69d676b550
840b1c580bfd15ca3eb1cc94cf479f63b93285d2599bc2e3cd361e3f5a340f19
8a2d6d27ffcc66400a640d3c9c9e6becb90c04c5bab452cac56f999c48a04d63
910cc03d64bf09f53cdf3b83068cc46368c23a061c2e1ed5df0e3a35d6c9e084
95e744ddcc2e8f89f6c6e25503eff2eb5e70e98f6989bb4a4e93f17b09448e78
9d9c146910f294b3e2a755f76e8066cd2edfac057ff54f00f405e2f9e8b9e51a
9d9c146910f294b3e2a755f76e8066cd2edfac057ff54f00f405e2f9e8b9e51a
a0630e2a81775e8334ea9f8cac73cebf1b9a70507ea3347c0c2eba82c80219a6
a331504acf589be5d11202232a7a93eeb4fe6b053beea231d9a0a661bcaf3fd6
b0dfaf509de38749c49afcb3cd34d27126044bb77cc16896b02ebced6f95db02
b2353fce403b079735a606294c4ffc20a71f1c6b16ec15e94f554beafcddd1ea
bad3c2f72ef2be522a554a9615dc93027416a3d4048f77519fca5104fabba1f9
bf4adad2eb1163369c133ae61c181a3f91ef8640a457e9c4e72d77a60fbfa7ab
c08a752138a6f0b332dfec981f20ec414ad367b7384389e0c59466b8e10655ec
c0fc61631a20c373ce17e939e09cfb4f5179c9e0788e80079b4ee8986afe89bd
d953bce4d87f5837ce318481e3a1b6617cf64af976043d3b4b4866475bb31972
def75a41435dc28430097a7e116b2d17526ce2b0172995618f2749b0d732f7ea
e7706a633f24679c7550a31b96088dda8f772c98f64daee7cfbf0dc17a4a8338
eb8cbc4a0eae33bfdc4ecb99d033c81224b005e55588ceb86346f2b2d3fd790f
f25f76a85ded0d4d285d9ae5482d8fe07dade3e241853d00b17642d7873733e8
Industry Sector Pays Extortion Date Amount (USD)
Accounting Services United Kingdom
Professional Services Italy
Scientific Services India
Education United States
Retail & Wholesale Spain
Legal United Kingdom
Information Technology United States
Information Technology South Korea
Food & Beverage Lithuania
Food & Beverage Thailand
Legal Japan
Utilities Thailand
References & Publications
Elastio: Trial_recovery
PCrisk: Trial_recovery
SentinelOne: BlackNevas
Ransomware Tracker