Alerts Template 2021
Common Information
| Type | Value |
|---|---|
| UUID | da421a5b-1646-4792-8d61-e45804ea9e44 |
| Fingerprint | ccb8c2a2fbd0c4c57a2a33ac7d81284a39930e1a5d9195c74501722a447676de |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Jan. 6, 2022, 2:48 p.m. |
| Added to db | March 11, 2024, 7:29 p.m. |
| Last updated | Aug. 31, 2024, 3:35 a.m. |
| Headline | Alerts Template 2021 |
| Title | Alerts Template 2021 |
| Detected Hints/Tags/Attributes | 93/2/40 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 23 | hhs.gov |
|
| Details | Domain | 41 | www.hhs.gov |
|
| Details | Domain | 65 | blog.cyble.com |
|
| Details | Domain | 167 | www.ic3.gov |
|
| Details | Domain | 74 | thedfirreport.com |
|
| Details | Domain | 15 | virustotal.github.io |
|
| Details | Domain | 98 | www.secureworks.com |
|
| Details | Domain | 11 | www.hornetsecurity.com |
|
| Details | Domain | 65 | www.cert.ssi.gouv.fr |
|
| Details | Domain | 175 | www.zdnet.com |
|
| Details | Domain | 47 | intel471.com |
|
| Details | Domain | 5 | malware.news |
|
| Details | Domain | 14 | cyberpeaceinstitute.org |
|
| Details | Domain | 14 | healthitsecurity.com |
|
| Details | Domain | 9 | blog.emsisoft.com |
|
| Details | Domain | 8 | www.cynet.com |
|
| Details | Domain | 59 | www.cybereason.com |
|
| Details | Domain | 81 | blog.malwarebytes.com |
|
| Details | 18 | hc3@hhs.gov |
||
| Details | File | 24 | update.bat |
|
| Details | File | 1 | 210316.pdf |
|
| Details | File | 141 | www.cer |
|
| Details | Url | 1 | https://blog.cyble.com/2021/11/29/pysa-ransomware-under-the-lens-a-deep-dive-analysis |
|
| Details | Url | 1 | https://www.ic3.gov/media/news/2021/210316.pdf |
|
| Details | Url | 2 | https://thedfirreport.com/2020/11/23/pysa-mespinoza-ransomware |
|
| Details | Url | 1 | http://virustotal.github.io/yara/. |
|
| Details | Url | 1 | https://www.secureworks.com/research/threat-profiles/gold-burlap |
|
| Details | Url | 2 | https://www.hornetsecurity.com/en/security-informationen-en/leakware-ransomware-hybrid-attacks |
|
| Details | Url | 1 | https://www.cert.ssi.gouv.fr/cti/certfr-2020-cti-003 |
|
| Details | Url | 1 | https://www.crowdstrike.com/blog/hypervisor-jackpotting-ecrime-actors-increase-targeting-of-esxi-servers |
|
| Details | Url | 1 | https://www.zdnet.com/article/france-warns-of-new-ransomware-gang-targeting-local-governments |
|
| Details | Url | 1 | https://intel471.com/blog/ransomware-as-a-service-2020-ryuk-maze-revil-egregor-doppelpaymer |
|
| Details | Url | 1 | https://malware.news/t/another-one-for-the-collection-mespinoza-pysa-ransomware/35626 |
|
| Details | Url | 1 | https://cyberpeaceinstitute.org/blog-series-reconceptualizing-ransomware |
|
| Details | Url | 1 | https://healthitsecurity.com/news/39-ransomware-groups-targeted-healthcare-in-the-past-18-months |
|
| Details | Url | 1 | https://blog.emsisoft.com/en/38840/ransomware-profile-mespinoza-pysa |
|
| Details | Url | 1 | https://www.cynet.com/attack-techniques-hands-on/cynet-ransomware-report-mespinoza |
|
| Details | Url | 1 | https://www.cybereason.com/blog/threat-analysis-report-inside-the-destructive-pysa-ransomware |
|
| Details | Url | 1 | https://blog.malwarebytes.com/detections/ransom-mespinoza |
|
| Details | Windows Registry Key | 98 | HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System |