Ransomware - Akira and Rapture
Tags
country: Canada
maec-delivery-vectors: Watering Hole
attack-pattern: Data Ip Addresses - T1590.005 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Multi-Factor Authentication - T1556.006 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Remote Desktop Protocol - T1021.001 Software - T1592.002 Vulnerabilities - T1588.006 Brute Force - T1110 Powershell - T1086 Remote Desktop Protocol - T1076
Show in Graph
Common Information
Type Value
UUID 9248aa4e-8c98-4be0-bdc1-73ea8e607da4
Fingerprint a630c0fb8e37b24e
Analysis status DONE
Considered CTI value 2
Text language
Published May 9, 2023, midnight
Added to db June 5, 2023, 11:50 a.m.
Last updated Nov. 17, 2024, 6:53 p.m.
Headline Ransomware - Akira and Rapture
Title Ransomware - Akira and Rapture
Detected Hints/Tags/Attributes 101/3/30
Source URLs
Redirection Url
Details Source https://www.avertium.com/resources/threat-reports/ransomware-akira-and-rapture
URL Provider
Details Provider Source level domain
Details avertium.com www.avertium.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 274 Threat Reports https://www.avertium.com/resources/threat-reports/rss.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 140 
cve-2023-27350
Details CVE 54 
cve-2023-27351
Details Domain 132 
trendmicro.com
Details Domain 544 
sensorstechforum.com
Details Domain 26 
thecyberexpress.com
Details Domain 4 
enigmasoftware.com
Details Domain 17 
malwarebytes.com
Details File 3 
e:\its.log
Details File 3 
aps.log
Details File 3 
7qzxid-readme.txt
Details File 3 
qisgqu-readme.txt
Details sha1 1 
76beb70b06cfe714c4fa250b6b2d1e5025fe3c50
Details sha1 1 
30d49ced95cb9a0fb6526b30131501b28cbbc388
Details sha1 1 
24e7848dab0b82b200781630e617d6ed7e6016e7
Details sha1 1 
f2e6853050f76517a9a7d472f3a994d0ae8411cf
Details sha1 1 
5e6d77960065df450e0533f9a8409c7463292243
Details sha1 1 
688d67eb4ff993963c86297ab8345962334ead27
Details sha1 1 
bdb3fa0c50db18f7ada02b2060b4c5110016e859
Details sha1 1 
843f3ad221a9da48d82df672bd8806cc090430b5
Details sha1 1 
9a14a69eb279513cde2de0be538cc8d275fd34e9
Details sha256 1 
c417a89cdc86ea6d674d2dc629ae1872b4054ac43e948e8ed60d3f3f47178598
Details sha256 1 
a6cd727a18e5e2a80fbd8a51c299a2030bd5e68e4bbf136e07eb9d0b3f3bb8ce
Details sha256 1 
619614cda94a4b6b185c0c122d11ef2b8b0b3e7fc94a1a5c2ff1ac49233df54b
Details sha256 1 
4222681314f5ffd69fe17ab2ae4b9aaa60866571fe2b53afc10f87e3738cedda
Details sha256 1 
b44b4e162de1decc9a5d3c61a045eb4776c55fccd33c9eced5b9f622faee19fa
Details sha256 1 
367e13f234a46822aa9655690f18000319123ad07a62e56bcf8bebbfbb0de7b9
Details sha256 1 
99331170be7aa48d572728f68e52ac8d3eb3c8307cb8050ce504ef9f4624a4ba
Details sha256 1 
d793aaaba1b4b34a20432b86505b851d838def0cd722b8cbdd1d08e19a08b6ee
Details IPv4 3 
195.123.234.101
Details IPv4 1 
172.82.86.148