Old but still dangerous – Dharma ransomware via RDP intrusion | Darktrace Blog
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 3e1ebe81-cf60-466c-af64-311d4c3a8747 |
| Fingerprint | ad10291b8923de8b |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | May 5, 2020, midnight |
| Added to db | Aug. 13, 2023, 4:52 p.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | Old but still dangerous – Dharma ransomware via RDP intrusion |
| Title | Old but still dangerous – Dharma ransomware via RDP intrusion | Darktrace Blog |
| Detected Hints/Tags/Attributes | 123/3/17 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 101 | ✔ | — | https://de.darktrace.com/blog/rss.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 158 | aol.com |
|
| Details | Domain | 76 | ipfs.io |
|
| Details | Domain | 58 | image.thum.io |
|
| Details | Domain | 58 | logo.clearbit.com |
|
| Details | Domain | 58 | mku.ipfs.dweb.link |
|
| Details | Domain | 58 | filebase.com |
|
| Details | 1 | cov2020@aol.com |
||
| Details | File | 21 | encrypted.txt |
|
| Details | File | 58 | ob.html |
|
| Details | File | 58 | atob.html |
|
| Details | File | 58 | cpmk.htm |
|
| Details | IPv4 | 1 | 85.93.20.6 |
|
| Details | Threat Actor Identifier - APT | 522 | APT41 |
|
| Details | Url | 58 | https://ipfs.io/ipfs/qmfddxlwoliqfurx6duzcshxvbp1znm21h5jxgs1ffnxtp?filename=at |
|
| Details | Url | 58 | https://ipfs.io/ipfs/qmfddxlwoli |
|
| Details | Url | 58 | https://filebase.com/blog/ipfs-content-addressing-explained |
|
| Details | Url | 58 | https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/the-attack-of-the-chameleon-phishing-page |