Why Ransomware Attack Actors
Common Information
| Type | Value |
|---|---|
| UUID | 3eca9e58-af1b-4528-861c-060076f4b7e9 |
| Fingerprint | a2e6669251e095bb840d163bd15014957a21ad31b06e0a96577d32492b44e67a |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Jan. 26, 2024, 10 a.m. |
| Added to db | March 12, 2024, 8:14 p.m. |
| Last updated | Aug. 31, 2024, 5:37 a.m. |
| Headline | Why Ransomware Attack Actors |
| Title | Why Ransomware Attack Actors |
| Detected Hints/Tags/Attributes | 108/2/32 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 80 | cve-2021-26084 |
|
| Details | CVE | 67 | cve-2021-40539 |
|
| Details | Domain | 911 | any.run |
|
| Details | Domain | 1373 | twitter.com |
|
| Details | Domain | 71 | blogs.jpcert.or.jp |
|
| Details | Domain | 46 | jsac.jpcert.or.jp |
|
| Details | Domain | 397 | www.microsoft.com |
|
| Details | Domain | 98 | www.secureworks.com |
|
| Details | Domain | 6 | blog.sygnia.co |
|
| Details | Domain | 36 | media.defense.gov |
|
| Details | Domain | 182 | www.mandiant.com |
|
| Details | File | 2 | huiloader.html |
|
| Details | File | 1 | 9_yanagishita-tamada-nakatsuru-ishimaru_en.pdf |
|
| Details | File | 2 | csa_ransomware_attacks_on_ci_fund_dprk_activities.pdf |
|
| Details | IPv4 | 2 | 178.209.51.243 |
|
| Details | IPv4 | 2 | 37.143.131.224 |
|
| Details | IPv4 | 2 | 145.239.120.59 |
|
| Details | IPv4 | 2 | 45.91.92.140 |
|
| Details | Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development) | 24 | DEV-0401 |
|
| Details | Threat Actor Identifier - APT | 115 | APT1 |
|
| Details | Threat Actor Identifier - APT | 278 | APT10 |
|
| Details | Threat Actor Identifier - APT | 115 | APT43 |
|
| Details | Url | 2 | https://any.run/report/f9533288e6a7279195902c8691d5f223c77015fa332b56e |
|
| Details | Url | 2 | https://twitter.com/grujars/status/1484148716479172608 |
|
| Details | Url | 1 | https://blogs.jpcert.or.jp/en/2022/05/huiloader.html |
|
| Details | Url | 1 | https://jsac.jpcert.or.jp/archive/2022/pdf/jsac2022_ |
|
| Details | Url | 1 | https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware- |
|
| Details | Url | 2 | https://www.secureworks.com/research/bronze-starlight- |
|
| Details | Url | 2 | https://blog.sygnia.co/revealing-emperor-dragonfly-a-chinese- |
|
| Details | Url | 2 | https://media.defense.gov/2023/feb/09/2003159161/-1/- |
|
| Details | Url | 3 | https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service- |
|
| Details | Url | 4 | https://www.mandiant.com/resources/blog/north-korea-cyber-structure-alignment-2023 |