Know Your Adversary: Cuba Ransomware
Common Information
Type Value
UUID b26062fe-6bd4-4da8-b686-736e2a5d91e0
Fingerprint bf1600511b54b65e
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 3, 2023, 8:04 p.m.
Added to db Jan. 16, 2023, 3:49 p.m.
Last updated Nov. 17, 2024, 6:56 p.m.
Headline Know Your Adversary: Cuba Ransomware
Title Know Your Adversary: Cuba Ransomware
Detected Hints/Tags/Attributes 71/4/43
Attributes
Type | #Events | CTI | Value
Domain | 144 | | cock.li
Domain | 469 | | www.cisa.gov
Domain | 167 | | www.ic3.gov
Domain | 224 | | unit42.paloaltonetworks.com
Domain | 18 | | speakerdeck.com
File | 3 | | 211203-2.pdf
MITRE ATT&CK Techniques | 15 | | T1584.001
MITRE ATT&CK Techniques | 306 | | T1078
MITRE ATT&CK Techniques | 191 | | T1133
MITRE ATT&CK Techniques | 542 | | T1190
MITRE ATT&CK Techniques | 409 | | T1566
MITRE ATT&CK Techniques | 208 | | T1068
MITRE ATT&CK Techniques | 298 | | T1562.001
MITRE ATT&CK Techniques | 8 | | T1563.002
MITRE ATT&CK Techniques | 173 | | T1003.001
MITRE ATT&CK Techniques | 36 | | T1558.003
MITRE ATT&CK Techniques | 152 | | T1090
Url | 3 | | https://www.cisa.gov/uscert/ncas/alerts/aa22-335a
Url | 3 | | https://www.ic3.gov/media/news/2021/211203-2.pdf
Url | 4 | | https://unit42.paloaltonetworks.com/cuba-ransomware-tropical-scorpius
Url | 3 | | https://www.picussecurity.com/resource/blog/cisa-alert-aa22-335a-cuba-ransomware-analysis-simulation-ttps-iocs
Url | 3 | | https://speakerdeck.com/fr0gger/technical-analysis-of-cuba-ransomware