Threat Trend Report on Ransomware
Common Information
| Type | Value |
|---|---|
| UUID | 83c2c7f4-f544-493a-9be0-e935b30f9026 |
| Fingerprint | 0c1f164eed345ffb0ac8a0d8a812cf1f825502d0112ad220cd4dc77bacd90bf9 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Dec. 8, 2023, 9:55 a.m. |
| Added to db | Sept. 22, 2024, 3:18 p.m. |
| Last updated | Sept. 22, 2024, 3:30 p.m. |
| Headline | Threat Trend Report on Ransomware |
| Title | Threat Trend Report on Ransomware |
| Detected Hints/Tags/Attributes | 148/2/66 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 24 | cve-2021-20016 |
|
| Details | CVE | 7 | cve-2021-20021 |
|
| Details | CVE | 5 | cve-2021-20022 |
|
| Details | CVE | 26 | cve-2023-40044 |
|
| Details | CVE | 12 | cve-2023-42657 |
|
| Details | Domain | 40 | xss.is |
|
| Details | Domain | 4127 | github.com |
|
| Details | Domain | 2 | hellokitty.zip |
|
| Details | Domain | 1 | onion.onion |
|
| Details | Domain | 58 | www.shodan.io |
|
| Details | Domain | 38 | community.progress.com |
|
| Details | Domain | 1 | alpinelinux.org |
|
| Details | Domain | 224 | unit42.paloaltonetworks.com |
|
| Details | Domain | 469 | www.cisa.gov |
|
| Details | Domain | 251 | www.bleepingcomputer.com |
|
| Details | Domain | 54 | www.ahnlab.com |
|
| Details | Domain | 189 | asec.ahnlab.com |
|
| Details | File | 1 | flash_cu_000154_mw_508c.pdf |
|
| Details | File | 1 | 'hellokitty.zip |
|
| Details | File | 2 | hellokitty.zip |
|
| Details | File | 2 | encryptor.cpp |
|
| Details | File | 2 | ionline.exe |
|
| Details | File | 2 | decrypt_note.txt |
|
| Details | File | 4 | read_me_lkdtt.txt |
|
| Details | File | 15 | lb3.exe |
|
| Details | File | 367 | readme.txt |
|
| Details | File | 13 | build.bat |
|
| Details | File | 1 | 4-x86_64.iso |
|
| Details | Github username | 1 | jschanck- |
|
| Details | md5 | 1 | 39EA2394A6E6C39C5D7722DC996DAF05 |
|
| Details | md5 | 1 | 6D321248C816C61A973C9195AF30B25B |
|
| Details | md5 | 1 | CA8B1DC5170BBFC345A355929C7AF912 |
|
| Details | md5 | 1 | A9C14F31587ADE5CF70A2689EDBD136D |
|
| Details | sha1 | 1 | 232a0585a7cb6c54e15d5410c96aac5913038e7f |
|
| Details | sha1 | 1 | 34e4d070aafbaddb99d2851e0c08ba0b49ccf7c5 |
|
| Details | sha1 | 1 | 8aebf427d02cddba5b58175ecf30da9f1df83de3 |
|
| Details | sha1 | 1 | bf16b3222e52274a99fb4d18a7b0ad27927008ad |
|
| Details | sha256 | 2 | 1a4082c161eafde7e367e0ea2c98543c06dce667b547881455d1984037a90e7d |
|
| Details | sha256 | 2 | b4dd6e689b80cfcdd74b0995250d63d76ab789f1315af7fe326122540cddfad2 |
|
| Details | sha256 | 2 | 41c0b2258c632ee122fb52bf2f644c7fb595a5beaec71527e2ebce7183644db2 |
|
| Details | sha256 | 2 | 2e808fc1b2bd960909385575fa9227928ca25c8665d3ce5ad986b03679dace90 |
|
| Details | sha256 | 2 | 02a08b994265901a649f1bcf6772bc06df2eb51eb09906af9fd0f4a8103e9851 |
|
| Details | sha256 | 2 | c2498845ed4b287fd0f95528926c8ee620ef0cbb5b27865b2007d6379ffe4323 |
|
| Details | sha256 | 2 | dc007e71085297883ca68a919e37687427b7e6db0c24ca014c148f226d8dd98f |
|
| Details | sha256 | 2 | 947e357bfdfe411be6c97af6559fd1cdc5c9d6f5cea122bf174d124ee03d2de8 |
|
| Details | sha256 | 2 | ef614b456ca4eaa8156a895f450577600ad41bd553b4512ae6abf3fb8b5eb04e |
|
| Details | sha256 | 1 | 52dace403e8f9b4f7ea20c0c3565fa11b6953b404a7d49d63af237a57b36fd2a |
|
| Details | sha256 | 2 | a147945635d5bd0fa832c9b55bc3ebcea7a7787e8f89b98a44279f8eddda2a77 |
|
| Details | sha256 | 1 | 0e5f7737704c8f25b2b8157561be54a463057cd4d79c7e016c30a1cf6590a85c |
|
| Details | sha256 | 1 | 7be901c5f7ffeb8f99e4f5813c259d0227335680380ed06df03fb836a041cb06 |
|
| Details | sha256 | 1 | 501487b025f25ddf1ca32deb57a2b4db43ccf6635c1edc74b9cff54ce0e5bcfe |
|
| Details | sha256 | 4 | 9a7daafc56300bd94ceef23eac56a0735b63ec6b9a7a409fb5a9b63efe1aa0b0 |
|
| Details | sha256 | 1 | 3ae7bedf236d4e53a33f3a3e1e80eae2d93e91b1988da2f7fcb8fde5dcc3a0e9 |
|
| Details | sha256 | 1 | 10887d13dba1f83ef34e047455a04416d25a83079a7f3798ce3483e0526e3768 |
|
| Details | sha256 | 2 | e94064401b54c399d3f844fdf08f880cb8c5d74c34de9dc28733dd22dabba678 |
|
| Details | Url | 2 | https://www.bleepingcomputer.com/news/security/hellokitty-ransomware-source-code-leaked-on-hacking-forum |
|
| Details | Url | 1 | https://github.com/jschanck- |
|
| Details | Url | 1 | http://onion.onion |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/babuk-code-used-by-9-ransomware-gangs-to-encrypt-vmware-esxi-servers |
|
| Details | Url | 3 | https://community.progress.com/s/article/ws-ftp-server-critical-vulnerability-september-2023 |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/exploit-available-for-critical-ws-ftp-bug-exploited-in-attacks |
|
| Details | Url | 2 | https://www.bleepingcomputer.com/news/security/ransomware-attacks-now-target-unpatched-ws-ftp-servers |
|
| Details | Url | 2 | https://unit42.paloaltonetworks.com/blackcat-ransomware-releases-new-utility-munchkin |
|
| Details | Url | 2 | https://www.bleepingcomputer.com/news/security/blackcat-ransomware-uses-new-munchkin-linux-vm-in-stealthy-attacks |
|
| Details | Url | 34 | https://www.ahnlab.com |
|
| Details | Url | 34 | https://asec.ahnlab.com/en |