PowerPoint Presentation
Show in Graph
Image Description
Common Information
Type Value
UUID 7ea8d986-d3ee-40e7-8e8c-e44c6b190e75
Fingerprint c2745c64c4125974ff5b22f42828c72652307892f93197e4cd910a9037443f67
Analysis status DONE
Considered CTI value 2
Text language
Published May 16, 2023, 4:54 p.m.
Added to db Feb. 7, 2024, 7:17 p.m.
Last updated Aug. 31, 2024, 2:34 a.m.
Headline PowerPoint Presentation
Title PowerPoint Presentation
Detected Hints/Tags/Attributes 57/3/20
Source URLs
Redirection Url
Details Source https://www.hivepro.com/wp-content/uploads/2023/05/RA-Groups-Custom-Ransomware-Hits-US-South-Korea_TA2023230.pdf
URL Provider
Details Provider Source level domain
Details hivepro.com www.hivepro.com
Attributes
Details Type #Events CTI Value
Details Domain 1 
5keoad.onion
Details Domain 261 
blog.talosintelligence.com
Details Domain 4127 
github.com
Details Domain 435 
www.hivepro.com
Details File 140 
files.txt
Details File 1 
ra-group-ransomware.txt
Details Github username 15 
cisco-talos
Details MITRE ATT&CK Techniques 585 
T1083
Details MITRE ATT&CK Techniques 276 
T1490
Details MITRE ATT&CK Techniques 107 
T1496
Details MITRE ATT&CK Techniques 113 
T1552
Details MITRE ATT&CK Techniques 157 
T1560
Details MITRE ATT&CK Techniques 163 
T1573
Details Url 2 
https://blog.talosintelligence.com/ra-group-ransomware
Details Url 1 
https://github.com/cisco-talos/iocs/blob/main/2023/05/ra-group-ransomware.txt
Details Url 1 
https://www.hivepro.com/rook-new-ransomware-in-the-market-scavenges-code-
Details Url 1 
https://www.hivepro.com/pandora-ransomware-targets-multiple-plants-around-the-
Details Url 1 
https://www.hivepro.com/cybercrime-group-exploits-zero-day-on-windows-servers-
Details Url 1 
https://www.hivepro.com/the-esxiargs-ransomware-attack-is-targeting-vmware-esxi-
Details Url 1 
https://www.hivepro.com/a-new-rorschach-ransomware-threat-employing-hybrid-