New Qilin.B Ransomware Variant Emerges with Improved Encryption and Evasion Tactics - CyberSRC
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Model Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Firmware - T1592.003 Ip Addresses - T1590.005 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Remote Desktop Protocol - T1021.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Vulnerabilities - T1588.006 Modify Registry - T1112 Powershell - T1086 Remote Desktop Protocol - T1076
Show in Graph
Common Information
Type Value
UUID 143e066e-5d06-4822-937a-0cfa0f64a630
Fingerprint 8510085b4252b65b
Analysis status DONE
Considered CTI value 1
Text language
Published Oct. 25, 2024, 4:38 a.m.
Added to db Oct. 25, 2024, 6:42 a.m.
Last updated Nov. 17, 2024, 6:49 p.m.
Headline New Qilin.B Ransomware Variant Emerges with Improved Encryption and Evasion Tactics
Title New Qilin.B Ransomware Variant Emerges with Improved Encryption and Evasion Tactics - CyberSRC
Detected Hints/Tags/Attributes 118/2/13
Source URLs
Redirection Url
Details Source https://cybersrcc.com/2024/10/25/new-qilin-b-ransomware-variant-emerges-with-improved-encryption-and-evasion-tactics/
URL Provider
Details Provider Source level domain
Details cybersrcc.com cybersrcc.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 94 CyberSRC https://cybersrcc.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 64 
cve-2023-28771
Details CVE 168 
cve-2021-34473
Details Domain 5 
malicious-website.com
Details Domain 1 
attackersite.xyz
Details Domain 1 
ransomid.onion
Details File 367 
readme.txt
Details File 1 
recover_files.html
Details File 4 
decrypt_instructions.txt
Details File 119 
sqlservr.exe
Details File 1 
veeamservice.exe
Details File 14 
vmware.exe
Details Url 1 
http://ransomid.onion
Details Windows Registry Key 188 
HKCU\Software\Microsoft\Windows\CurrentVersion\Run