FIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware Attacks
Tags
attack-pattern: Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 80cc14ae-e219-4074-9fa4-5f20424660a9
Fingerprint a726a91b06b38691
Analysis status DONE
Considered CTI value 1
Text language
Published July 18, 2023, 3:49 p.m.
Added to db July 18, 2023, 12:28 p.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline FIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware Attacks
Title FIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware Attacks
Detected Hints/Tags/Attributes 30/1/3
Source URLs
Redirection Url
Details Source https://thehackernews.com/2023/07/fin8-group-using-modified-sardonic.html
URL Provider
Details Provider Source level domain
Details thehackernews.com thehackernews.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 118 The Hacker News https://feeds.feedburner.com/TheHackersNews 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 142 
wmiprvse.exe
Details File 478 
lsass.exe
Details Threat Actor Identifier - FIN 68 
FIN8