Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs - Rewterz
Tags
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | afd72ac4-8b61-47c4-8a35-24c715dbe22a |
| Fingerprint | c793c5d17256b35b |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | July 21, 2022, 10:43 p.m. |
| Added to db | Dec. 19, 2024, 8:27 a.m. |
| Last updated | Dec. 20, 2024, 10:17 p.m. |
| Headline | Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs |
| Title | Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs - Rewterz |
| Detected Hints/Tags/Attributes | 28/1/11 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 4 | cve-2022-21532 |
|
| Details | CVE | 4 | cve-2022-21524 |
|
| Details | Domain | 145 | api.2ip.ua |
|
| Details | File | 135 | geo.json |
|
| Details | md5 | 1 | 1357e6a61e99e0fddf533cef785ea632 |
|
| Details | md5 | 1 | 1da4dde8a489e00088666d132efcbc97 |
|
| Details | sha1 | 1 | 15d426791fc5530731aad1e412265ad9ffddba3e |
|
| Details | sha1 | 1 | ef68a7825931e767937112f19f6acf78c4bab9bf |
|
| Details | sha256 | 1 | 4b6fe2291ceddafda1a6c11cc983dac68b7520276a407ab0430a26034dde9672 |
|
| Details | sha256 | 1 | 6f849668fe4eb04e86d1b4413655190ac8bf79a4e27c0470ca094a382b1abbc6 |
|
| Details | Url | 134 | https://api.2ip.ua/geo.json |