ioc[.]one - OSINT Cyber Threat Intelligence Database

Эволюция Mallox: от частного шифровальщика до RaaS

Tags

attack-pattern:

Show in Graph

Common Information

Type	Value
UUID	8a28227a-27e9-42a6-8c7a-649ebfeaff63
Fingerprint	7edc60b256d56a41
Analysis status	DONE
Considered CTI value	2
Text language
Published	Sept. 4, 2024, 1 p.m.
Added to db	Sept. 4, 2024, 12:29 p.m.
Last updated	Nov. 17, 2024, 6:55 p.m.
Headline	Как менялся шифровальщик Mallox: детальный анализ
Title	Эволюция Mallox: от частного шифровальщика до RaaS
Detected Hints/Tags/Attributes	32/1/28

Source URLs

	Redirection	Url
Details	Source	https://securelist.ru/mallox-ransomware/110314/

URL Provider

Details	Provider	Source level domain
Details	securelist.ru	securelist.ru

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	224	✔	Securelist	https://securelist.ru/feed/	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	CVE	7	cve-2019-1068
Details	CVE	24	cve-2020-0618
Details	Domain	339	system.net
Details	File	2125	cmd.exe
Details	File	2	%appdata%\alta.ps1
Details	File	2	scavenger.exe
Details	File	2	%appdata%\box.bat
Details	File	345	vssadmin.exe
Details	File	6	debuglog.txt
Details	File	2	mallox.exe
Details	File	140	files.txt
Details	File	45	information.txt
Details	File	19	recovery.txt
Details	md5	3	9b772efb921de8f172f21125dd0e0ff7
Details	md5	5	e98b3a8d2179e0bd0bebba42735d11b7
Details	md5	3	79b60f8b5052a9d4cc0c92c2cdc47485
Details	md5	3	e713f05a62914496eef512a93a611622
Details	md5	3	3829a09bca120206883539eb33d55311
Details	md5	3	a8e214683307adaff39783dc656b398a
Details	md5	3	ac1a255e5c908f12ef68a45fc0043b16
Details	md5	3	b1b42fa300d8f43c6deb98754caf0934
Details	md5	3	3762f98a55f0ec19702f388fc0db74e2
Details	md5	3	6bd93817967cdb61e0d7951382390fa0
Details	md5	3	c494342b6c84f649dece4df2d3ff1031
Details	md5	3	16e708876c32ff56593ba00931e0fb67
Details	md5	3	d32a3478aad766be96f0cdbda1f10091
Details	md5	3	98c7f6b6ddf6a01adb25457e9a3c52b8
Details	md5	3	b13a1e9c7ef5a51f64a58bae9b508e62