LockBit Ransomware Disguised as Copyright Claim E-mail Being Distributed - ASEC BLOG
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Msbuild - T1127.001 Phishing - T1660 Phishing - T1566 |
Common Information
| Type | Value |
|---|---|
| UUID | 453f009e-fd0b-45e0-866d-972b5478b40c |
| Fingerprint | a000887b413b967c |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | June 24, 2022, 2:50 p.m. |
| Added to db | Sept. 11, 2022, 12:37 p.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | LockBit Ransomware Disguised as Copyright Claim E-mail Being Distributed |
| Title | LockBit Ransomware Disguised as Copyright Claim E-mail Being Distributed - ASEC BLOG |
| Detected Hints/Tags/Attributes | 30/2/18 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://asec.ahnlab.com/en/35822/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | File | 323 | winword.exe |
|
| Details | File | 13 | qbdbmgr.exe |
|
| Details | File | 14 | 360doctor.exe |
|
| Details | File | 86 | service.exe |
|
| Details | File | 3 | autorunsc64a.exe |
|
| Details | File | 25 | sysmon.exe |
|
| Details | File | 25 | sysmon64.exe |
|
| Details | File | 5 | procexp64a.exe |
|
| Details | File | 74 | procmon.exe |
|
| Details | File | 27 | procmon64.exe |
|
| Details | File | 3 | procmon64a.exe |
|
| Details | File | 56 | processhacker.exe |
|
| Details | File | 351 | recycle.bin |
|
| Details | File | 38 | restore-my-files.txt |
|
| Details | File | 3 | reputation.c4 |
|
| Details | File | 7 | mdp.sys |
|
| Details | md5 | 1 | 3a05e519067bea559491f6347dd6d296 |
|
| Details | md5 | 1 | 74a53d9db6b2358d3e5fe3accf0cb738 |