ioc[.]one - OSINT Cyber Threat Intelligence Database

Lynx Ransomware Threat Intel

Tags

cmtmf-attack-pattern:	Command And Scripting Interpreter Obfuscated Files Or Information
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Archive Via Utility - T1560.001 Command And Scripting Interpreter - T1623 Credentials - T1589.001 Data Encrypted For Impact - T1471 Data Encrypted For Impact - T1486 Defacement - T1491 Disable Or Modify Tools - T1562.001 Disable Or Modify Tools - T1629.003 Domains - T1583.001 Domains - T1584.001 Exfiltration Over Alternative Protocol - T1639 Exfiltration Over Web Service - T1567 Exfiltration To Cloud Storage - T1567.002 File And Directory Discovery - T1420 Impair Defenses - T1562 Impair Defenses - T1629 Internal Defacement - T1491.001 Malware - T1587.001 Malware - T1588.001 Obfuscated Files Or Information - T1406 Process Discovery - T1424 System Information Discovery - T1426 Phishing - T1660 Phishing - T1566 Remote Access Software - T1663 Service Execution - T1569.002 Software - T1592.002 System Services - T1569 Transfer Data To Cloud Account - T1537 Command-Line Interface - T1059 Data Staged - T1074 Exfiltration Over Alternative Protocol - T1048 File And Directory Discovery - T1083 Obfuscated Files Or Information - T1027 Process Discovery - T1057 Remote Access Tools - T1219 Service Execution - T1035 System Information Discovery - T1082 Valid Accounts - T1078 Valid Accounts

Show in Graph

Common Information

Type	Value
UUID	40344db6-a0b5-43f8-bd29-e14ada650228
Fingerprint	9a4308b10d94025b
Analysis status	DONE
Considered CTI value	2
Text language
Published	Nov. 18, 2024, 3:59 p.m.
Added to db	Nov. 18, 2024, 5:19 p.m.
Last updated	Nov. 20, 2024, 6:31 p.m.
Headline	Lynx Ransomware Threat Intel
Title	Lynx Ransomware Threat Intel
Detected Hints/Tags/Attributes	96/3/97

Source URLs

	Redirection	Url
Details	Redirection	https://sdsec12.com/lynx-ransomware-threat-intel-fef0956265d1?source=rss------cybersecurity-5
Details	Redirection	https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Fsdsec12.com%2Flynx-ransomware-threat-intel-fef0956265d1%3Fsource%3Drss------cybersecurity-5
Details	Source	https://sdsec12.com/lynx-ransomware-threat-intel-fef0956265d1?gi=fa33d02d92d1&source=rss------cybersecurity-5
Details	Redirection	https://medium.com/@sdsec12/lynx-ransomware-threat-intel-fef0956265d1?source=rss------cybersecurity-5

URL Provider

Details	Provider	Source level domain
Details	medium.com	medium.com
Details	sdsec12.com	sdsec12.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	167	✔	Cybersecurity on Medium	https://medium.com/feed/tag/cybersecurity	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	6	lynxblog.net
Details	Domain	3	lynxblogxstgzsarfyk2pvhdv45igghb4zmthnzmsipzeoduruz3xwqd.onion
Details	Domain	3	lynxblogco7r37jt7p5wrmfxzqze7ghxw6rihzkqc455qluacwotciyd.onion
Details	Domain	3	lynxblogijy4jfoblgix2klxmkbgee4leoeuge7qt4fpfkj4zbi2sjyd.onion
Details	Domain	3	lynxblogmx3rbiwg3rpj4nds25hjsnrwkpxt5gaznetfikz4gz2csyad.onion
Details	Domain	3	lynxblogoxllth4b46cfwlop5pfj4s7dyv37yuy7qn2ftan6gd72hsad.onion
Details	Domain	3	lynxblogtwatfsrwj3oatpejwxk5bngqcd5f7s26iskagfu7ouaomjad.onion
Details	Domain	3	lynxblogxutufossaeawlij3j3uikaloll5ko6grzhkwdclrjngrfoid.onion
Details	Domain	4	lynxchatly4zludmhmi75jrwhycnoqvkxb4prohxmyzf4euf5gjxroad.onion
Details	Domain	6	lynxch2k5xi35j7hlbmwl7d6u2oz4vp2wqp6qkwol624cod3d6iqiyqd.onion
Details	Domain	4	lynxchatbykq2vycvyrtjqb3yuj4ze2wvdubzr2u6b632trwvdbsgmyd.onion
Details	Domain	3	lynxchatde4spv5x6xlwxf47jdo7wtwwgikdoeroxamphu3e7xx5doqd.onion
Details	Domain	3	lynxchatdy3tgcuijsqofhssopcepirjfq2f4pvb5qd4un4dhqyxswqd.onion
Details	Domain	3	lynxchatdykpoelffqlvcbtry6o7gxk3rs2aiagh7ddz5yfttd6quxqd.onion
Details	Domain	4	lynxchatfw4rgsclp4567i4llkqjr2kltaumwwobxdik3qa2oorrknad.onion
Details	Domain	4	lynxchatohmppv6au67lloc2vs6chy7nya7dsu2hhs55mcjxp2joglad.onion
Details	Domain	6	lynxbllrfr5262yvbgtqoyq76s7mpztcqkv6tjjxgpilpma7nyoeohyd.onion
Details	Domain	75	proton.me
Details	Domain	1377	twitter.com
Details	Email	4	martina.lestariid1898@proton.me
Details	File	369	readme.txt
Details	File	2	background-image.jpg
Details	File	84	crypt32.dll
Details	File	20	winspool.drv
Details	File	26	win.exe
Details	File	347	vssadmin.exe
Details	sha256	2	ecbfea3e7869166dd418f15387bc33ce46f2c72168f571071916b5054d7f6e49
Details	sha256	4	571f5de9dd0d509ed7e5242b9b7473c2b2cbb36ba64d38b32122a0a337d6cf8b
Details	sha256	4	eaa0e773eb593b0046452f420b6db8a47178c09e6db0fa68f6a2d42c3f48e3bc
Details	sha256	2	b378b7ef0f906358eec595777a50f9bb5cc7bb6635e0f031d65b818a26bdc4ee
Details	sha256	2	85699c7180ad77f2ede0b15862bb7b51ad9df0478ed394866ac7fa9362bf5683
Details	sha256	3	82eb1910488657c78bef6879908526a2a2c6c31ab2f0517fcc5f3f6aa588b513
Details	sha256	4	02472036db9ec498ae565b344f099263f3218ecb785282150e8565d5cac92461
Details	sha256	4	05e4f234a0f177949f375a56b1a875c9ca3d2bee97a2cb73fc2708914416c5a9
Details	sha256	4	11cfd8e84704194ff9c56780858e9bbb9e82ff1b958149d74c43969d06ea10bd
Details	sha256	4	1754c9973bac8260412e5ec34bf5156f5bb157aa797f95ff4fc905439b74357a
Details	sha256	4	1a7c754ae1933338c740c807ec3dcf5e18e438356990761fdc2e75a2685ebf4a
Details	sha256	3	29a25e971dbb87d3adcee75693782d978a3ca9f64df0a59b015ca519a4026c49
Details	sha256	4	3156ee399296d55e56788b487701eb07fd5c49db04f80f5ab3dc5c4e3c071be0
Details	sha256	4	36e3c83e50a19ad1048dab7814f3922631990578aab0790401bc67dbcc90a72e
Details	sha256	4	508a644d552f237615d1504aa1628566fe0e752a5bc0c882fa72b3155c322cef
Details	sha256	4	64b249eb3ab5993e7bcf5c0130e5f31cbd79dabdcad97268042780726e68533f
Details	sha256	4	7f104a3dfda3a7fbdd9b910d00b0169328c5d2facc10dc17b4378612ffa82d51
Details	sha256	4	869d6ae8c0568e40086fd817766a503bfe130c805748e7880704985890aca947
Details	sha256	4	9ac550187c7c27a52c80e1c61def1d3d5e6dbae0e4eaeacf1a493908ffd3ec7d
Details	sha256	4	ca9d2440850b730ba03b3a4f410760961d15eb87e55ec502908d2546cd6f598c
Details	sha256	4	d147b202e98ce73802d7501366a036ea8993c4c06cdfc6921899efdd22d159c6
Details	sha256	4	e17c601551dfded76ab99a233957c5c4acf0229b46cd7fc2175ead7fe1e3d261
Details	sha256	4	ee1d8ac9fef147f0751000c38ca5d72feceeaae803049a2cd49dcce15223b720
Details	sha256	4	f96ecd567d9a05a6adb33f07880eebf1d6a8709512302e363377065ca8f98f56
Details	sha256	5	fcefe50ed02c8d315272a94f860451bfd3d86fa6ffac215e69dfa26a7a5deced
Details	sha256	4	fef674fce37d5de43a4d36e86b2c0851d738f110a0d48bae4b2dab4c6a2c373e
Details	sha256	2	a5925db043e3142e31f21bc18549eb7df289d7c938d56dffe3f5905af11ab97a
Details	sha256	2	7ccea71dcec6042d83692ea9e1348f249b970af2d73c83af3f9d67c4434b2dd0
Details	sha256	2	5a8883ad96a944593103f2f7f3a692ea3cde1ede71cf3de6750eb7a044a61486
Details	sha256	2	463075274e328bd47d8092f4901e67f7fff6c5d972b5ffcf821d3c988797e8e3
Details	sha256	4	63e0d4e861048f581c9e5c64b28a053eb0023d58eebf2b943868d5f68a67a8b7
Details	sha256	3	a0ceb258924ef004fa4efeef4bc0a86012afdb858e855ed14f1bbd31ca2e42f5
Details	sha256	3	c41ab33986921c812c51e7a86bd3fd0691f5bba925fae612f1b717afaa2fe0ef
Details	MITRE ATT&CK Techniques	414	T1566
Details	MITRE ATT&CK Techniques	310	T1078
Details	MITRE ATT&CK Techniques	1008	T1082
Details	MITRE ATT&CK Techniques	588	T1083
Details	MITRE ATT&CK Techniques	435	T1057
Details	MITRE ATT&CK Techniques	632	T1027
Details	MITRE ATT&CK Techniques	300	T1562.001
Details	MITRE ATT&CK Techniques	142	T1219
Details	MITRE ATT&CK Techniques	117	T1560.001
Details	MITRE ATT&CK Techniques	68	T1074
Details	MITRE ATT&CK Techniques	34	T1537
Details	MITRE ATT&CK Techniques	698	T1059
Details	MITRE ATT&CK Techniques	176	T1569.002
Details	MITRE ATT&CK Techniques	477	T1486
Details	MITRE ATT&CK Techniques	31	T1491.001
Details	MITRE ATT&CK Techniques	94	T1048
Details	MITRE ATT&CK Techniques	102	T1567.002
Details	Pdb	1	e:\\lynx\\release\\lynx.pdb
Details	Pdb	1	lynx.pdb
Details	Url	3	http://lynxbllrfr5262yvbgtqoyq76s7mpztcqkv6tjjxgpilpma7nyoeohyd.onion
Details	Url	5	http://lynxbllrfr5262yvbgtqoyq76s7mpztcqkv6tjjxgpilpma7nyoeohyd.onion/disclosures
Details	Url	3	http://lynxblogco7r37jt7p5wrmfxzqze7ghxw6rihzkqc455qluacwotciyd.onion
Details	Url	3	http://lynxblogijy4jfoblgix2klxmkbgee4leoeuge7qt4fpfkj4zbi2sjyd.onion
Details	Url	3	http://lynxblogmx3rbiwg3rpj4nds25hjsnrwkpxt5gaznetfikz4gz2csyad.onion
Details	Url	3	http://lynxblogoxllth4b46cfwlop5pfj4s7dyv37yuy7qn2ftan6gd72hsad.onion
Details	Url	3	http://lynxblogtwatfsrwj3oatpejwxk5bngqcd5f7s26iskagfu7ouaomjad.onion
Details	Url	3	http://lynxblogxstgzsarfyk2pvhdv45igghb4zmthnzmsipzeoduruz3xwqd.onion
Details	Url	3	http://lynxblogxutufossaeawlij3j3uikaloll5ko6grzhkwdclrjngrfoid.onion
Details	Url	5	http://lynxch2k5xi35j7hlbmwl7d6u2oz4vp2wqp6qkwol624cod3d6iqiyqd.onion/login
Details	Url	4	http://lynxchatbykq2vycvyrtjqb3yuj4ze2wvdubzr2u6b632trwvdbsgmyd.onion/login
Details	Url	3	http://lynxchatde4spv5x6xlwxf47jdo7wtwwgikdoeroxamphu3e7xx5doqd.onion/login
Details	Url	3	http://lynxchatdy3tgcuijsqofhssopcepirjfq2f4pvb5qd4un4dhqyxswqd.onion/login
Details	Url	3	http://lynxchatdykpoelffqlvcbtry6o7gxk3rs2aiagh7ddz5yfttd6quxqd.onion/login
Details	Url	4	http://lynxchatfw4rgsclp4567i4llkqjr2kltaumwwobxdik3qa2oorrknad.onion/login
Details	Url	4	http://lynxchatly4zludmhmi75jrwhycnoqvkxb4prohxmyzf4euf5gjxroad.onion/login
Details	Url	4	http://lynxchatohmppv6au67lloc2vs6chy7nya7dsu2hhs55mcjxp2joglad.onion/login
Details	Url	4	http://lynxblog.net
Details	Url	2	https://twitter.com/rivitna2/status/1701739812733014313