ioc[.]one - OSINT Cyber Threat Intelligence Database

Moisha Ransomware In Action

Tags

cmtmf-attack-pattern:

Command And Scripting Interpreter Obfuscated Files Or Information

attack-pattern:

Data Command And Scripting Interpreter - T1623 Data Encrypted For Impact - T1471 Data Encrypted For Impact - T1486 File And Directory Discovery - T1420 Indicator Removal On Host - T1630 Inhibit System Recovery - T1490 Malware - T1587.001 Malware - T1588.001 Obfuscated Files Or Information - T1406 Process Discovery - T1424 System Information Discovery - T1426 Powershell - T1059.001 Security Software Discovery - T1418.001 Security Software Discovery - T1518.001 Service Stop - T1489 Software - T1592.002 Software Discovery - T1518 Command-Line Interface - T1059 File And Directory Discovery - T1083 Indicator Removal On Host - T1070 Network Service Scanning - T1046 Obfuscated Files Or Information - T1027 Powershell - T1086 Process Discovery - T1057 Security Software Discovery - T1063 System Information Discovery - T1082 User Execution - T1204 Indicator Removal On Host Service Stop User Execution

Show in Graph

Common Information

Type	Value
UUID	7f1406e0-ce86-423b-9287-e10a2e3c9aa7
Fingerprint	b615283104718259
Analysis status	DONE
Considered CTI value	2
Text language
Published	Aug. 25, 2022, midnight
Added to db	Oct. 24, 2023, 1:40 p.m.
Last updated	Nov. 18, 2024, 10:33 a.m.
Headline	Moisha Ransomware In Action
Title	Moisha Ransomware In Action
Detected Hints/Tags/Attributes	75/2/18

Source URLs

	Redirection	Url
Details	Redirection	https://blog.cyble.com/2022/08/25/moisha-ransomware-in-action/
Details	Source	https://cyble.com/blog/moisha-ransomware-in-action/

URL Provider

Details	Provider	Source level domain
Details	cyble.com	cyble.com
Details	cyble.com	blog.cyble.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	7		system.io.directory
Details	File	1211		powershell.exe
Details	File	345		vssadmin.exe
Details	md5	1		d197883d8745a61fe25aebea85622a65
Details	sha1	1		5d22d359e7b8dc70ccf5e369fb07f2e0960ef76f
Details	sha256	1		b3ebc327773f5f846deeb1255475644a630c4d0d3b4eda3bbf995a36599c07cf
Details	MITRE ATT&CK Techniques	420		T1204
Details	MITRE ATT&CK Techniques	695		T1059
Details	MITRE ATT&CK Techniques	627		T1027
Details	MITRE ATT&CK Techniques	247		T1070
Details	MITRE ATT&CK Techniques	1007		T1082
Details	MITRE ATT&CK Techniques	585		T1083
Details	MITRE ATT&CK Techniques	185		T1518
Details	MITRE ATT&CK Techniques	433		T1057
Details	MITRE ATT&CK Techniques	168		T1046
Details	MITRE ATT&CK Techniques	473		T1486
Details	MITRE ATT&CK Techniques	197		T1489
Details	MITRE ATT&CK Techniques	276		T1490