Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware - RedPacket Security
Tags
country: Finland Russia
maec-delivery-vectors: Watering Hole
attack-pattern: Credentials - T1589.001 Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Software - T1592.002 Vulnerabilities - T1588.006 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 1674c076-eb5f-40dc-9881-c7e82decdd84
Fingerprint 878bcc43432e93ef
Analysis status DONE
Considered CTI value 2
Text language
Published April 27, 2023, 1:02 p.m.
Added to db April 27, 2023, 2:14 p.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline RedPacket Security
Title Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware - RedPacket Security
Detected Hints/Tags/Attributes 54/3/7
Source URLs
Redirection Url
Details Source https://www.redpacketsecurity.com/microsoft-confirms-papercut-servers-used-to-deliver-lockbit-and-cl-p-ransomware/
URL Provider
Details Provider Source level domain
Details redpacketsecurity.com www.redpacketsecurity.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 361 RedPacket Security https://www.redpacketsecurity.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 54 
cve-2023-27351
Details CVE 85 
cve-2023-27532
Details File 137 
conhost.exe
Details Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development) 39 
DEV-0950
Details Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development) 9 
DEV-0856
Details Threat Actor Identifier - FIN 127 
FIN11
Details Threat Actor Identifier - FIN 377 
FIN7