PowerPoint Presentation
Show in Graph
Image Description
Common Information
Type Value
UUID 7549933d-4927-4e6e-8df8-af6a3c8f0064
Fingerprint d639a9ebb7112c8d9b03ba1717bdc7e7167e32815b517350aec32d72cb4f57c8
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 5, 2022, 3:29 p.m.
Added to db Feb. 7, 2024, 6:48 p.m.
Last updated Aug. 31, 2024, 2:45 a.m.
Headline PowerPoint Presentation
Title PowerPoint Presentation
Detected Hints/Tags/Attributes 49/3/23
Source URLs
Redirection Url
Details Source https://www.hivepro.com/wp-content/uploads/2022/01/Rook-New-Ransomware-in-the-market-scavenges-code-from-Babuk_TA202161.pdf
URL Provider
Details Provider Source level domain
Details hivepro.com www.hivepro.com
Attributes
Details Type #Events CTI Value
Details Domain 124 
www.sentinelone.com
Details Domain 55 
otx.alienvault.com
Details md5 2 
bec9b3480934ce3d30c25e1272f60d02
Details md5 3 
6d87be9212a1a0e92e58e1ed94c589f9
Details md5 1 
4f7adc32ec67c1a55853ef828fe58707
Details sha1 1 
36de7997949ac3b9b456023fb072b9a8cd84ade8
Details sha1 1 
19ce538b2597da454abf835cff676c28b8eb66f7
Details sha1 2 
104d9e31e34ba8517f701552594f1fc167550964
Details sha256 2 
f87be226e26e873275bde549539f70210ffe5e3a129448ae807a319cbdcf7789
Details sha256 2 
c2d46d256b8f9490c9599eea11ecef19fde7d4fdd2dea93604cee3cea8e172ac
Details sha256 1 
96f7df1c984c1753289600f7f373f3a98a4f09f82acc1be8ecfd5790763a355b
Details MITRE ATT&CK Techniques 409 
T1566
Details MITRE ATT&CK Techniques 695 
T1059
Details MITRE ATT&CK Techniques 627 
T1027
Details MITRE ATT&CK Techniques 160 
T1027.002
Details MITRE ATT&CK Techniques 235 
T1562
Details MITRE ATT&CK Techniques 100 
T1007
Details MITRE ATT&CK Techniques 1006 
T1082
Details MITRE ATT&CK Techniques 152 
T1090
Details MITRE ATT&CK Techniques 276 
T1490
Details Url 2 
https://www.sentinelone.com/labs/new-rook-ransomware-feeds-off-the-code-of-babuk
Details Url 1 
https://otx.alienvault.com/pulse/61c986f940126b3db3bf70e4
Details Url 1 
https://www.bleepingcomputer.com/news/security/rook-ransomware-is-yet-another-spawn-of-the-leaked-babuk-code