ioc[.]one - OSINT Cyber Threat Intelligence Database

BianLian: New Ransomware variant on the rise

Tags

cmtmf-attack-pattern:

Command And Scripting Interpreter Masquerading

attack-pattern:

Data Command And Scripting Interpreter - T1623 Data Encrypted For Impact - T1471 Data Encrypted For Impact - T1486 Replication Through Removable Media - T1458 File And Directory Discovery - T1420 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 System Information Discovery - T1426 Security Software Discovery - T1418.001 Security Software Discovery - T1518.001 Software - T1592.002 Software Discovery - T1518 Software Packing - T1027.002 Software Packing - T1406.002 Virtualization/Sandbox Evasion - T1497 Virtualization/Sandbox Evasion - T1633 Command-Line Interface - T1059 File And Directory Discovery - T1083 Masquerading - T1036 Obfuscated Files Or Information - T1027 Peripheral Device Discovery - T1120 Replication Through Removable Media - T1091 Security Software Discovery - T1063 Software Packing - T1045 System Information Discovery - T1082 User Execution - T1204 Masquerading Replication Through Removable Media User Execution

Show in Graph

Common Information

Type	Value
UUID	6b0f609b-d1a4-4d26-ae57-5c9580b58a65
Fingerprint	8ed5227128fb8241
Analysis status	DONE
Considered CTI value	2
Text language
Published	Aug. 18, 2022, midnight
Added to db	Oct. 24, 2023, 1:40 p.m.
Last updated	Nov. 17, 2024, 6:56 p.m.
Headline	BianLian: New Ransomware variant on the rise
Title	BianLian: New Ransomware variant on the rise
Detected Hints/Tags/Attributes	69/2/23

Source URLs

	Redirection	Url
Details	Redirection	https://blog.cyble.com/2022/08/18/bianlian-new-ransomware-variant-on-the-rise/
Details	Source	https://cyble.com/blog/bianlian-new-ransomware-variant-on-the-rise/

URL Provider

Details	Provider	Source level domain
Details	cyble.com	cyble.com
Details	cyble.com	blog.cyble.com

Attributes

Details	Type	#Events	CTI	Value
Details	File	13		instruction.txt
Details	File	52		pagefile.sys
Details	File	143		thumbs.db
Details	File	193		ntuser.dat
Details	File	10		swapfile.sys
Details	File	1		new_one.exe
Details	md5	1		0c756fc8f34e409650cd910b5e2a3f00
Details	md5	1		08e76dd242e64bb31aec09db8464b28f
Details	sha1	1		70d1d11e3b295ec6280ab33e7b129c17f40a6d2f
Details	sha1	1		3f3f62c33030cfd64dba2d4ecb1634a9042ba292
Details	sha256	5		eaf5e26c5e73f3db82cd07ea45e4d244ccb3ec3397ab5263a1a74add7bbcb6e2
Details	sha256	7		1fd07b8d1728e416f897bef4f1471126f9b18ef108eb952f4b75050da22e8e43
Details	MITRE ATT&CK Techniques	420		T1204
Details	MITRE ATT&CK Techniques	695		T1059
Details	MITRE ATT&CK Techniques	238		T1497
Details	MITRE ATT&CK Techniques	627		T1027
Details	MITRE ATT&CK Techniques	348		T1036
Details	MITRE ATT&CK Techniques	1006		T1082
Details	MITRE ATT&CK Techniques	585		T1083
Details	MITRE ATT&CK Techniques	185		T1518
Details	MITRE ATT&CK Techniques	188		T1120
Details	MITRE ATT&CK Techniques	472		T1486
Details	MITRE ATT&CK Techniques	55		T1091