ioc[.]one - OSINT Cyber Threat Intelligence Archive

FunkSec – Alleged Top Ransomware Group Powered by AI - Check Point Research

Show in Graph Show in Archive Viewer

Common Information

Type	Value
UUID	58550a56-5186-4cbe-ab51-e6b62f489e96
Fingerprint	bf10932988d187d3
Analysis status	DONE
Considered CTI value	2
Text language
Published	Jan. 10, 2025, noon
Added to db	Jan. 10, 2025, 1:49 p.m.
Last updated	June 22, 2025, 8:17 a.m.
Headline	FunkSec – Alleged Top Ransomware Group Powered by AI
Title	FunkSec – Alleged Top Ransomware Group Powered by AI - Check Point Research
Detected Hints/Tags/Attributes	341/3/35

Archive Viewer

Source URLs

	Redirection	Url
Details	Source	https://research.checkpoint.com/2025/funksec-alleged-top-ransomware-group-powered-by-ai/

URL Provider

Details	Provider	Source level domain
Details	checkpoint.com	research.checkpoint.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	561	✔	Check Point Research	https://research.checkpoint.com/feed/	2025-06-08 08:06

Attributes

Details	Type	#Events	Value
Details	Domain	173	checkpoint.com
Details	Domain	222	research.checkpoint.com
Details	Domain	1	ransomware.rs
Details	Domain	2	readme.me
Details	Domain	1	orion.rs
Details	File	1	dev.exe
Details	File	198	chrome.exe
Details	File	106	firefox.exe
Details	File	131	msedge.exe
Details	File	747	explorer.exe
Details	File	131	outlook.exe
Details	File	11	vlc.exe
Details	File	17	spotify.exe
Details	File	45	skype.exe
Details	File	13	discord.exe
Details	File	59	steam.exe
Details	File	67	java.exe
Details	File	58	python.exe
Details	File	31	node.exe
Details	File	1608	cmd.exe
Details	File	962	powershell.exe
Details	File	85	taskmgr.exe
Details	File	15	wmplayer.exe
Details	File	8	tscon.exe
Details	File	267	notepad.exe
Details	sha256	2	5226ea8e0f516565ba825a1bbed10020982c16414750237068b602c5b4ac6abd
Details	sha256	2	c233aec7917cf34294c19dd60ff79a6e0fac5ed6f0cb57af98013c08201a7a1c
Details	sha256	2	66dbf939c00b09d8d22c692864b68c4a602e7a59c4b925b2e2bef57b1ad047bd
Details	sha256	2	dcf536edd67a98868759f4e72bcbd1f4404c70048a2a3257e77d8af06cb036ac
Details	sha256	2	b1ef7b267d887e34bf0242a94b38e7dc9fd5e6f8b2c5c440ce4ec98cc74642fb
Details	sha256	2	e622f3b743c7fc0a011b07a2e656aa2b5e50a4876721bcf1f405d582ca4cda22
Details	sha256	2	20ed21bfdb7aa970b12e7368eba8e26a711752f1cc5416b6fd6629d0e2a44e5d
Details	sha256	2	dd15ce869aa79884753e3baad19b0437075202be86268b84f3ec2303e1ecd966
Details	sha256	2	7e223a685d5324491bcacf3127869f9f3ec5d5100c5e7cb5af45a227e6ab4603
Details	Url	2	https://research.checkpoint.com/2025/funksec-alleged-top-ransomware-group-powered-by-ai/