Threat Trend Report on Ransomware
Common Information
| Type | Value |
|---|---|
| UUID | 5eefc4a7-6f67-49d4-a180-96c3f1ef5d4f |
| Fingerprint | 4db0cc2e5abb7007b86675bef0addb9a196efc30146deeacf72fc428d391a2ba |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | May 23, 2023, 9:47 a.m. |
| Added to db | Sept. 22, 2024, 3:11 p.m. |
| Last updated | Sept. 22, 2024, 3:21 p.m. |
| Headline | Threat Trend Report on Ransomware |
| Title | Threat Trend Report on Ransomware |
| Detected Hints/Tags/Attributes | 88/3/38 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 115 | cve-2023-0669 |
|
| Details | CVE | 50 | cve-2022-47986 |
|
| Details | CVE | 43 | cve-2023-24880 |
|
| Details | CVE | 31 | cve-2022-44698 |
|
| Details | Domain | 44 | atip.ahnlab.com |
|
| Details | Domain | 1373 | twitter.com |
|
| Details | Domain | 1 | ifire.pid |
|
| Details | Domain | 124 | www.sentinelone.com |
|
| Details | Domain | 452 | msrc.microsoft.com |
|
| Details | Domain | 6 | ms.update.center.security |
|
| Details | Domain | 251 | www.bleepingcomputer.com |
|
| Details | Domain | 55 | blog.google |
|
| Details | Domain | 54 | www.ahnlab.com |
|
| Details | Domain | 189 | asec.ahnlab.com |
|
| Details | File | 2 | ifire-readme.txt |
|
| Details | File | 1 | magniber_valid_signature.msi |
|
| Details | File | 1 | magniber_cve-2023-24880.msi |
|
| Details | File | 1 | kb99435793.msi |
|
| Details | File | 1 | kb89598422.msi |
|
| Details | md5 | 1 | 01DE715B0F9E3725EF453D31ACAAF598 |
|
| Details | md5 | 1 | B3ECE680F2D56D0CE3D95F97DD36487B |
|
| Details | md5 | 1 | 779A5C56DA80C053E03CEA35FBB363FB |
|
| Details | md5 | 1 | 8F0F46A64ADE3501A2DBE249B9B9F61C |
|
| Details | IPv4 | 2 | 159.65.217.216 |
|
| Details | Microsoft Patch Numbers | 1 | KB99435793 |
|
| Details | Microsoft Patch Numbers | 1 | KB89598422 |
|
| Details | Url | 1 | https://atip.ahnlab.com/ti/contents/asec-notes?i=eb62d9b4 |
|
| Details | Url | 1 | https://twitter.com/ido_cohen2 |
|
| Details | Url | 1 | https://twitter.com/ido_cohen2/status/1642218169765883907/photo/1 |
|
| Details | Url | 1 | https://www.sentinelone.com/labs/icefire-ransomware-returns-now-targeting-linux-enterprise-networks |
|
| Details | Url | 1 | https://atip.ahnlab.com/ti/contents/security-advisory?i=5db8e58e |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/icefire-ransomware-now-encrypts-both-linux-and-windows-systems |
|
| Details | Url | 1 | http://159.65.217.216:8080/demo |
|
| Details | Url | 1 | https://blog.google/threat-analysis-group/magniber-ransomware-actors-used-a-variant-of-microsoft-smartscreen-bypass |
|
| Details | Url | 2 | https://msrc.microsoft.com/update-guide/vulnerability/cve-2023-24880 |
|
| Details | Url | 1 | https://atip.ahnlab.com/ti/contents/security-advisory?i=840d61f6 |
|
| Details | Url | 34 | https://www.ahnlab.com |
|
| Details | Url | 34 | https://asec.ahnlab.com/en |