Medusa Ransomware technical analysis report
Tags
attack-pattern: Data Model Malware - T1587.001 Malware - T1588.001 Remote Desktop Protocol - T1021.001 Scheduled Task - T1053.005 System Services - T1569 Vulnerabilities - T1588.006 Remote Desktop Protocol - T1076 Scheduled Task - T1053
Show in Graph
Common Information
Type Value
UUID 8b0ae185-e939-4148-b18e-0e8eb11a485f
Fingerprint 9c3638702cf62652
Analysis status DONE
Considered CTI value 2
Text language
Published April 15, 2023, 2:11 a.m.
Added to db April 15, 2023, 4:16 a.m.
Last updated Nov. 17, 2024, 5:56 p.m.
Headline Medusa Ransomware technical analysis report
Title Medusa Ransomware technical analysis report
Detected Hints/Tags/Attributes 37/1/8
Source URLs
Redirection Url
Details Source https://medium.com/@almohandesmesho/medusa-ransomware-technical-analysis-report-35a5602ea73a?source=rss------reverse_engineering-5
URL Provider
Details Provider Source level domain
Details medium.com medium.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 172 Reverse Engineering on Medium https://medium.com/feed/tag/reverse-engineering 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 272 
outlook.com
Details Domain 144 
cock.li
Details Email 2 
rdp_unlock@outlook.com
Details Email 2 
rdpunlock@cock.li
Details File 41 
svhost.exe
Details md5 1 
762eaa081c9f641aba9ab75b7ae6ee09
Details sha1 1 
97f2ba64780efd18943e2cfd67f18df90e0bf39a
Details sha256 2 
36baceccfe27fb8b1be3d4f0a9e81b9028640aeedf068d71b3a6d080e698a793