Ransomware Gang Uses Remote Execution Utilities
Tags
country: Poland Russia Ukraine
attack-pattern: Data Credentials - T1589.001 Lsass Memory - T1003.001 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Scheduled Task - T1053.005 Tool - T1588.002 Powershell - T1086 Scheduled Task - T1053
Show in Graph
Common Information
Type Value
UUID 43a3cf95-7f09-4e1e-b503-8fb1ca202c05
Fingerprint a218c18996019748
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 17, 2022, 6:16 a.m.
Added to db Oct. 17, 2022, 9:37 a.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline New “Prestige” Ransomware Uses Remote Execution Utilities to Launch Destructive Attacks
Title Ransomware Gang Uses Remote Execution Utilities
Detected Hints/Tags/Attributes 32/2/2
Source URLs
Redirection Url
Details Source https://gbhackers.com/ransomware-uses-remote-execution-utilities/
URL Provider
Details Provider Source level domain
Details gbhackers.com gbhackers.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 163 https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 69 
comsvcs.dll
Details File 59 
ntdsutil.exe