Alerts Template 2021
Common Information
| Type | Value |
|---|---|
| UUID | 9d50b23c-0a93-4549-83ed-7466321b93a0 |
| Fingerprint | ee45573d054aff4cb63a5affd988e425a2f99b217210d815dda305309a312453 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Nov. 28, 2022, 11:55 a.m. |
| Added to db | March 11, 2024, 7:29 p.m. |
| Last updated | Aug. 31, 2024, 3:49 a.m. |
| Headline | Alerts Template 2021 |
| Title | Alerts Template 2021 |
| Detected Hints/Tags/Attributes | 123/3/83 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.hhs.gov/sites/default/files/venus-ransomware-analyst-note.pdf |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 41 | www.hhs.gov |
|
| Details | Domain | 85 | onionmail.org |
|
| Details | Domain | 37 | xmpp.jp |
|
| Details | Domain | 167 | tutanota.com |
|
| Details | Domain | 144 | cock.li |
|
| Details | Domain | 9 | disroot.org |
|
| Details | Domain | 251 | www.bleepingcomputer.com |
|
| Details | Domain | 66 | www.malwarebytes.com |
|
| Details | Domain | 21 | www.joesandbox.com |
|
| Details | Domain | 268 | www.virustotal.com |
|
| Details | Domain | 10 | www.cyber.nj.gov |
|
| Details | Domain | 1373 | twitter.com |
|
| Details | Domain | 13 | id-ransomware.blogspot.com |
|
| Details | Domain | 469 | www.cisa.gov |
|
| Details | Domain | 23 | hhs.gov |
|
| Details | 2 | decryptdata@onionmail.org |
||
| Details | 2 | decryptdata@xmpp.jp |
||
| Details | 3 | skynetwork@tutanota.com |
||
| Details | 3 | skynetwork@onionmail.org |
||
| Details | 3 | skynetwork@cock.li |
||
| Details | 2 | getdecrypt@disroot.org |
||
| Details | 18 | hc3@hhs.gov |
||
| Details | File | 2 | venus.exe |
|
| Details | File | 2 | yjnz0n28zu.exe |
|
| Details | File | 3 | 345.exe |
|
| Details | File | 5 | executable.exe |
|
| Details | File | 28 | program.exe |
|
| Details | File | 44 | readme.html |
|
| Details | File | 1 | venus-ransomware.html |
|
| Details | md5 | 2 | eae3f9f84a8b6756db599963aa4f49d1 |
|
| Details | md5 | 1 | f5e72bf445387eddec000e0238adf873 |
|
| Details | md5 | 2 | 0d4247600f91e28bd390c91dd61ccd7f |
|
| Details | md5 | 2 | 9aa3cc9d7c641ea22cfa3e5233e13c94 |
|
| Details | sha1 | 3 | c40909226c102ceb3cf97e9037c590f1623af013 |
|
| Details | sha1 | 3 | 895eb3047e7a28ce219fdd7e7ad5ce2a61312d93 |
|
| Details | sha1 | 3 | ba145483608a4ea567ed3c3c2b7e396098f5386a |
|
| Details | sha1 | 3 | 1970f6c17567d56c3e7840fe33a6959dd887fca2 |
|
| Details | sha256 | 2 | 0a4e5832841ffff9f8d27ce8216d655c8743b682fff0f90dee6bd3ea83dec028 |
|
| Details | sha256 | 3 | 2e2cef71bf99594b54e00d459480e1932e0230fb1cbee24700fbc2f5f631bf12 |
|
| Details | sha256 | 3 | 6d8e2d8f6aeb0f4512a53fe83b2ef7699513ebaff31735675f46d1beea3a8e05 |
|
| Details | sha256 | 2 | 49fd52a3f3d1d46dc065217e588d1d29fba4d978cd8fdb2887fd603320540f71 |
|
| Details | MITRE ATT&CK Techniques | 695 | T1059 |
|
| Details | MITRE ATT&CK Techniques | 310 | T1047 |
|
| Details | MITRE ATT&CK Techniques | 239 | T1106 |
|
| Details | MITRE ATT&CK Techniques | 480 | T1053 |
|
| Details | MITRE ATT&CK Techniques | 227 | T1574.002 |
|
| Details | MITRE ATT&CK Techniques | 380 | T1547.001 |
|
| Details | MITRE ATT&CK Techniques | 116 | T1134 |
|
| Details | MITRE ATT&CK Techniques | 440 | T1055 |
|
| Details | MITRE ATT&CK Techniques | 298 | T1562.001 |
|
| Details | MITRE ATT&CK Techniques | 504 | T1140 |
|
| Details | MITRE ATT&CK Techniques | 627 | T1027 |
|
| Details | MITRE ATT&CK Techniques | 297 | T1070.004 |
|
| Details | MITRE ATT&CK Techniques | 348 | T1036 |
|
| Details | MITRE ATT&CK Techniques | 152 | T1056 |
|
| Details | MITRE ATT&CK Techniques | 86 | T1124 |
|
| Details | MITRE ATT&CK Techniques | 585 | T1083 |
|
| Details | MITRE ATT&CK Techniques | 1006 | T1082 |
|
| Details | MITRE ATT&CK Techniques | 141 | T1518.001 |
|
| Details | MITRE ATT&CK Techniques | 243 | T1018 |
|
| Details | MITRE ATT&CK Techniques | 245 | T1016 |
|
| Details | MITRE ATT&CK Techniques | 157 | T1560 |
|
| Details | MITRE ATT&CK Techniques | 89 | T1114 |
|
| Details | MITRE ATT&CK Techniques | 492 | T1105 |
|
| Details | MITRE ATT&CK Techniques | 163 | T1573 |
|
| Details | MITRE ATT&CK Techniques | 159 | T1095 |
|
| Details | MITRE ATT&CK Techniques | 444 | T1071 |
|
| Details | MITRE ATT&CK Techniques | 93 | T1485 |
|
| Details | MITRE ATT&CK Techniques | 472 | T1486 |
|
| Details | MITRE ATT&CK Techniques | 276 | T1490 |
|
| Details | MITRE ATT&CK Techniques | 65 | T1491 |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/venus-ransomware-targets-publicly-exposed-remote- |
|
| Details | Url | 1 | https://www.malwarebytes.com/blog/news/2022/10/venus-ransomware-targets-remote-desktop- |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/forums/t/777945/venus-ransomware-support-help-topic-venus- |
|
| Details | Url | 1 | https://www.joesandbox.com/analysis/724026/1/html |
|
| Details | Url | 1 | https://www.virustotal.com/gui/file/2e2cef71bf99594b54e00d459480e1932e0230fb1cbee24700fbc2 |
|
| Details | Url | 1 | https://www.virustotal.com/gui/file/6d8e2d8f6aeb0f4512a53fe83b2ef7699513ebaff31735675f46d1b |
|
| Details | Url | 1 | https://www.virustotal.com/gui/file/49fd52a3f3d1d46dc065217e588d1d29fba4d978cd8fdb2887fd60 |
|
| Details | Url | 1 | https://www.cyber.nj.gov/threat-center/threat-profiles/ransomware-variants/venuslocker |
|
| Details | Url | 1 | https://www.malwarebytes.com/blog/news/2016/08/venus-locker-another-net-ransomware |
|
| Details | Url | 1 | https://twitter.com/linuxct/status/1577926820636286977 |
|
| Details | Url | 1 | https://id-ransomware.blogspot.com/2021/05/venus-ransomware.html |
|
| Details | Url | 3 | https://www.cisa.gov/stopransomware/ransomware-guide |