ioc[.]one - OSINT Cyber Threat Intelligence Database

Yashma Ransomware, Tracing the Chaos Family Tree

Tags

country:	Russia Ukraine
attack-pattern:	Data Credentials - T1589.001 Data Destruction - T1662 Data Destruction - T1485 Malware - T1587.001 Malware - T1588.001 Screen Capture - T1513 Software - T1592.002 Graphical User Interface - T1061 Screen Capture - T1113 Data Destruction Graphical User Interface Screen Capture

Show in Graph

Common Information

Type	Value
UUID	746cddd6-2b7e-47f7-9d07-87201bc77fba
Fingerprint	a534095d056b247c
Analysis status	DONE
Considered CTI value	2
Text language
Published	May 24, 2022, 1:01 a.m.
Added to db	Sept. 11, 2022, 12:36 p.m.
Last updated	Nov. 17, 2024, 6:55 p.m.
Headline	Yashma Ransomware, Tracing the Chaos Family Tree
Title	Yashma Ransomware, Tracing the Chaos Family Tree
Detected Hints/Tags/Attributes	104/2/24

Source URLs

	Redirection	Url
Details	Source	https://blogs.blackberry.com/en/2022/05/yashma-ransomware-tracing-the-chaos-family-tree

URL Provider

Details	Provider	Source level domain
Details	blackberry.com	blogs.blackberry.com

Attributes

Details	Type	#Events	Value
Details	Domain	33	www.apache.org
Details	Domain	37	www.blackberry.com
Details	File	1122	svchost.exe
Details	File	55	read_it.txt
Details	File	131	tar.gz
Details	File	8	pe.dat
Details	File	3	%appdata%\roaming\svchost.exe
Details	md5	22	f34d5f2d4577ed6d9ceec516c1f5a744
Details	sha256	3	0d8b4a07e91e02335f600332644e8f0e504f75ab19899a58b2c85ecb0887c738
Details	sha256	1	f41962f51583d08ed7ca796b125f2300e03035b8790590e8e2d036f53bd9be79
Details	sha256	2	325dfac6172cd279715ca8deb280eefe3544090f1583a2ddb5d43fc7fe3029ed
Details	sha256	1	202e6f0501abaf85b5c53bafcd70e31aa20e65c140f13b15d45e60c00b0413c0
Details	sha256	1	a98bc2fcbe8b3c7ea9df3712599a958bae0b689ae29f33ee1848af7a038d518a
Details	sha256	1	1d71add7ecfe9be642a84d080dfbc4b602a0f49239938a337c7c860eb7edf3fe
Details	sha256	1	31c783b0211bf4b72f10b6dac6f933b7aba570ff7a8c608fd8eb46311aec0091
Details	sha256	1	392a3adb44ab2640290f88f751d7608bc66a1c7df845fa1d0baa0aea78ac7a49
Details	sha256	1	f3432c74402aa36468d6641d5ccc15c1e0ceb083bc0f7e73d2b5dbfa0cfb9974
Details	sha256	1	77f3cddd3cb245b2645b4885ebf2080f7c23f7101f4c3ce27239ea0326a8fcc5
Details	sha256	1	fac94a8e02f92d63cfdf1299db27e40410da46c9e86d8bb2cd4b1a0d68d5f7a2
Details	sha256	1	6562f92ba9d4784bf30e87681e538e0f7b8eff26811ace6be8970b0a8e3e3ca0
Details	sha256	1	7a7f9b043b83184a537e09b76b811546d3032c776246d28ae0e4f6ca5f9f92b8
Details	sha256	1	8f236217c4e280b4950cedccbc6bbd03f31902525a7f9fe98b6de5bb50787cfb
Details	Url	20	https://www.apache.org/licenses/license-2.0
Details	Url	17	https://www.blackberry.com/us/en/forms/cylance/handraiser/emergency-incident-response-containment