REvil Ransomware: The GandCrab Connection
Tags
| country: | Italy United States Of America |
| attack-pattern: | Data Direct Model Impersonation - T1656 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Software - T1592.002 Powershell - T1086 |
Common Information
| Type | Value |
|---|---|
| UUID | b339928d-ae78-44ee-84fe-16e08322d803 |
| Fingerprint | a5955d2df501a7cd |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Sept. 24, 2019, midnight |
| Added to db | Sept. 26, 2022, 9:31 a.m. |
| Last updated | Nov. 17, 2024, 6:49 p.m. |
| Headline | REvil: The GandCrab Connection |
| Title | REvil Ransomware: The GandCrab Connection |
| Detected Hints/Tags/Attributes | 71/2/9 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.secureworks.com/blog/revil-the-gandcrab-connection |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 49 | cve-2018-8453 |
|
| Details | File | 1260 | explorer.exe |
|
| Details | md5 | 1 | bed6fc04aeb785815744706239a1f243 |
|
| Details | md5 | 1 | 65aa793c000762174b2f86077bdafaea |
|
| Details | md5 | 1 | 2abff29b4d87f30f011874b6e98959e9 |
|
| Details | md5 | 1 | 4af953b20f3a1f165e7cf31d6156c035 |
|
| Details | md5 | 1 | 3cae02306a95564b1fff4ea45a7dfc00 |
|
| Details | md5 | 1 | 6e3efb83299d800edf1624ecbc0665e7 |
|
| Details | Pdb | 1 | rwenc_exe_x86_debug.pdb |