New Ransomware-as-a-Service Tool ‘Thanos’ Shows Connections to ‘Hakbit’
Common Information
| Type | Value |
|---|---|
| UUID | 076cfe8b-d143-4b96-a3d1-fd006bbbf7cf |
| Fingerprint | 68a67d729e302001e6e07137128238206cf0d68488cfdee3249ed30636c7dfe8 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | June 9, 2020, 9:44 a.m. |
| Added to db | March 10, 2024, 12:56 a.m. |
| Last updated | Aug. 30, 2024, 10:28 p.m. |
| Headline | New Ransomware-as-a-Service Tool ‘Thanos’ Shows Connections to ‘Hakbit’ |
| Title | New Ransomware-as-a-Service Tool ‘Thanos’ Shows Connections to ‘Hakbit’ |
| Detected Hints/Tags/Attributes | 117/3/70 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://go.recordedfuture.com/hubfs/reports/cta-2020-0610.pdf |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 546 | www.recordedfuture.com |
|
| Details | Domain | 911 | any.run |
|
| Details | Domain | 396 | protonmail.com |
|
| Details | 2 | hakbit@protonmail.com |
||
| Details | File | 2 | sharpexec_x64.exe |
|
| Details | File | 2 | sharpexec_x86.exe |
|
| Details | File | 256 | net.exe |
|
| Details | File | 12 | del.exe |
|
| Details | File | 345 | vssadmin.exe |
|
| Details | File | 2 | my_files.txt |
|
| Details | File | 83 | sbiedll.dll |
|
| Details | File | 1 | c:\program files\client-0.exe |
|
| Details | File | 2 | crcss.exe |
|
| Details | File | 3 | chrome32.exe |
|
| Details | File | 199 | firefox.exe |
|
| Details | File | 312 | calc.exe |
|
| Details | File | 57 | mysqld.exe |
|
| Details | File | 1 | dllhst.exe |
|
| Details | File | 2 | opera32.exe |
|
| Details | File | 1 | memop.exe |
|
| Details | File | 1 | spoolcv.exe |
|
| Details | File | 4 | ctfmom.exe |
|
| Details | File | 4 | skypeapp.exe |
|
| Details | File | 102 | mspub.exe |
|
| Details | File | 57 | mydesktopqos.exe |
|
| Details | File | 60 | mydesktopservice.exe |
|
| Details | sha256 | 1 | 81e81f0bbbdb831eda215033b7a7dbf2eed3812f4e58118f181a8e99e613179e |
|
| Details | sha256 | 1 | 916500065fb0037de6e95bdbeafaa69a8d3932af10e81acb02f88c6a65cb577e |
|
| Details | sha256 | 1 | 3ccf57e60cdf89d04f2c7e744d73e3b40a4308a2ba87d0423c96f601d737733f |
|
| Details | sha256 | 1 | ff1a88c2ad5df435a978c63d21a6ab0642134785284b01137e18dd235197b66d |
|
| Details | sha256 | 1 | 917905ba95c10847e0bf3bc66332ae05616a0ddd965a00ae8ec3431ed11c39d2 |
|
| Details | sha256 | 1 | 7a7a5110cb9a8ee361c9c65f06293667451e5200d21db72954002e5725971950 |
|
| Details | sha256 | 1 | 5b5802805784b265c40c8af163b465f1430c732c60dd1fbec80da95378ae45b7 |
|
| Details | sha256 | 1 | 7e6db426de4677efbf2610740b737da03c68a7c6295aca1a377d1df4d35959e5 |
|
| Details | sha256 | 1 | d1b634201a6158a90f718a082c0fe0ee1769ff4b613dd9756a34318fa61eea47 |
|
| Details | sha256 | 1 | e63aeb1aa61c38a5bed126b41ca587a892de0311730b892aee77541a761e1a02 |
|
| Details | sha256 | 1 | 940df3b1cf603388cf9739cc208c1a88adfe39d2afe51e24a51878adca2be4e3 |
|
| Details | sha256 | 1 | a1bab429b3b18fdb8e4fec493bd53e89c0f87147d902ff41a0f6dcd61c159553 |
|
| Details | sha256 | 1 | e67fa8978e6c22f4d54604a54c3ac54e631128eed819d37355c2ad80e74507a5 |
|
| Details | sha256 | 1 | b99e0b750b3815fec3b292ede3f94524c8bede7d158334295e096518e9cde0ad |
|
| Details | sha256 | 1 | 989a9d2e08fcba4059ebc55afc049f34d2a12bfdd1e14f468ee8b5c27c9e7bda |
|
| Details | sha256 | 1 | db3ef67666e18047aa24a90bfa32ca456641209147703853413d56eb74d44673 |
|
| Details | sha256 | 1 | 10dc9cb12580bc99f039b1c084ca6f136047ac4d5555ad90a7b682a2ffac4dc5 |
|
| Details | sha256 | 1 | 049425dac929baf288c44c981ef63417d097fb95f5199c9f33e5ef5e2ec20590 |
|
| Details | sha256 | 1 | f1388fbe51253d8f07a98eabfe0422e39821d936166cc85c92a0418854ae15fb |
|
| Details | sha256 | 1 | cea80fe543aec9c6b4a4628ec147e8a41cac766c2cd52c0ca86a19f9ef348fc3 |
|
| Details | sha256 | 1 | 8a2b54d273d01f8d5f42311d5402950bb9983648a39b943c729314a97ede15a2 |
|
| Details | sha256 | 1 | aae00e2532ae5093e8c0a623bffcc4c447d04e89237438c52cb473854c715724 |
|
| Details | sha256 | 1 | fd8c3259b8e80b8220c6053aa9b045676d1e3fe09356ed94b5e47fb5b895ff92 |
|
| Details | sha256 | 1 | 23d7693284e90b752d40f8c0c9ab22da45f7fe3219401f1209c89ac98a4d7ed3 |
|
| Details | sha256 | 1 | e256a9f20479f29e229f594ef6ab91be75bff9e3f0784030ac0feb8868f4abc1 |
|
| Details | sha256 | 1 | 7a38f70d923669a989ea52fa1c356c5ac7ccce4067a37782973466102e3d27f6 |
|
| Details | sha256 | 1 | 53806ba5c9b23a43ddbfa669798d46e715b55a5d88d3328c5af15ba7f26fbadd |
|
| Details | sha256 | 1 | 871eef727aaad88b734bb372f19e72ccf38034195666c35390f5c3064f5469a3 |
|
| Details | sha256 | 1 | edcac243808957cc898d4a08a8b0d5eaf875f5f439a3ca0acfaf84522d140e7e |
|
| Details | sha256 | 1 | 86ed000fa2dd99f2b2341da607c904c0b510f98ead65be12b358e3f73e624cb6 |
|
| Details | sha256 | 1 | c8f18fb0baf81b31daa929499b2dcaa7f297bd05ec1ecff319ae5e8b34dade00 |
|
| Details | sha256 | 1 | f7d7111653c43476039efd370fb39fcdb2c22a3f1bb89013af643b45fb3af467 |
|
| Details | sha256 | 1 | 5849966984f270b200fd80e086d2565a5a7d4ee0743677640f45b97b46e49082 |
|
| Details | sha256 | 1 | 3f83fd42af95185e19e537708dccdf1539dcab1ce73783c2741b4c1929dcc020 |
|
| Details | sha256 | 1 | 794369bc9a06041f906910309b2ce45569a03c378ff0468b6335d4f653f190ab |
|
| Details | sha256 | 1 | 9784148014987a39d87265c015962e9535ed86e861093a6c59691095a19be7c2 |
|
| Details | sha256 | 1 | f0c0c989b018ee24cbd7548cec4e345fd34f491d350983fddb5ddc1ad1f4ba9f |
|
| Details | sha256 | 1 | a95f9d82097bdfa2dd47e075b75d09907d5913e5c15d05c926de0d8bbce9698f |
|
| Details | sha256 | 1 | 916aeaa51050f25dbbcefc1be1820457e1d9d755a44d2d0cf62155f75c54127c |
|
| Details | sha256 | 1 | 17314793d751b66f4afc1fac1c0ab0c21f2c9f67e473e8ba235bc79d7e0ea1b0 |
|
| Details | sha256 | 2 | 34b93f1989b272866f023c34a2243978565fcfd23869cacc58ce592c1c545d8e |
|
| Details | sha256 | 1 | 855dcd368dbb01539e7efa4b3fefa9b56d197db87b1ba3ede5e1f95927ea2ca3 |
|
| Details | sha256 | 1 | 09fd6a13fbe723eec2fbe043115210c1538d77627b93feeb9e600639d20bb332 |
|
| Details | sha256 | 1 | befc6ff8c63889b72d1f5aec5e5accc1b4098a83cd482a6bb85182ecd640b415 |