BlackSuit Ransomware

BlackSuit Ransomware is a blue team lab in the Malware Analysis category. It covers the following subjects: FLOSS/Strings, x64dbg, IDA, Ghidra, CFF Explorer, Python3, Execution, Defense Evasion, Discovery, Impact.

Learning Objectives

Reconstruct BlackSuit ransomware's attack lifecycle by analyzing PE artifacts, encrypted payloads, API calls, and network communication using Ghidra, x64dbg, and CFF Explorer.

Categories: Malware Analysis.

MITRE ATT&CK Tactics: Execution, Defense Evasion, Discovery, Impact.

Tools: Ghidra, IDA, x64dbg, Python3, CFF Explorer, FLOSS/Strings.

Difficulty: hard.