Unwrapping the emerging Interlock ransomware attack
Tags
cmtmf-attack-pattern: Masquerading
maec-delivery-vectors: Watering Hole
attack-pattern: Data Model Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Kerberoasting - T1558.003 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Multi-Factor Authentication - T1556.006 Powershell - T1059.001 Remote Desktop Protocol - T1021.001 Rundll32 - T1218.011 Server - T1583.004 Server - T1584.004 Thread Local Storage - T1055.005 Tool - T1588.002 Vulnerabilities - T1588.006 Kerberoasting - T1208 Masquerading - T1036 Powershell - T1086 Remote Desktop Protocol - T1076 Rundll32 - T1085 Masquerading
Show in Graph
Common Information
Type Value
UUID 33907fc8-2210-47c8-a087-2fd3b7e061a2
Fingerprint 8423381b1637b605
Analysis status DONE
Considered CTI value 0
Text language
Published Nov. 7, 2024, noon
Added to db Nov. 7, 2024, 1:51 p.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline Unwrapping the emerging Interlock ransomware attack
Title Unwrapping the emerging Interlock ransomware attack
Detected Hints/Tags/Attributes 112/3/17
Source URLs
Redirection Url
Details Source https://malware.news/t/unwrapping-the-emerging-interlock-ransomware-attack/88210
URL Provider
Details Provider Source level domain
Details malware.news malware.news
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 158 Malware Analysis, News and Indicators - Latest topics https://malware.news/latest.rss 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 3 
2mail.co
Details Domain 4 
apple-online.shop
Details Domain 904 
snort.org
Details File 2 
upd_2327991.exe
Details File 18 
chromesetup.exe
Details File 2125 
cmd.exe
Details File 2 
cht.exe
Details File 2 
klg.dll
Details File 1018 
rundll32.exe
Details File 2 
sysmon.sys
Details File 2 
tfsysmon.sys
Details File 41 
key4.db
Details File 3 
chrgetpdsi.txt
Details File 3 
conhost.txt
Details File 137 
conhost.exe
Details File 351 
recycle.bin
Details File 143 
thumbs.db