ioc[.]one - OSINT Cyber Threat Intelligence Database

Anomali Threat Research Releases First Public Analysis of Smaug Ransomware as a Service

Tags

country:	Russia
attack-pattern:	Data Data Encrypted For Impact - T1471 Data Encrypted For Impact - T1486 Malware - T1587.001 Malware - T1588.001

Show in Graph

Common Information

Type	Value
UUID	b4351522-3d98-45c8-8911-d01c073d5399
Fingerprint	bd2039b99e2f866e
Analysis status	DONE
Considered CTI value	0
Text language
Published	Aug. 10, 2020, midnight
Added to db	Sept. 26, 2022, 9:31 a.m.
Last updated	Nov. 17, 2024, 6:56 p.m.
Headline	Anomali Threat Research Releases First Public Analysis of Smaug Ransomware as a Service
Title	Anomali Threat Research Releases First Public Analysis of Smaug Ransomware as a Service
Detected Hints/Tags/Attributes	67/2/14

Source URLs

	Redirection	Url
Details	Source	https://www.anomali.com/blog/anomali-threat-research-releases-first-public-analysis-of-smaug-ransomware-as-a-service

URL Provider

Details	Provider	Source level domain
Details	anomali.com	www.anomali.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	110		exploit.in
Details	Domain	396		protonmail.com
Details	Domain	11		rand.read
Details	Domain	1		smaugrwmaystthfxp72tlmdbrzlwdp2pxtpvtzvhkv5ppg3difiwonad.onion
Details	Domain	17		www.anomali.com
Details	Domain	8		pkg.go.dev
Details	Email	1		smaug-ransomware@protonmail.com
Details	File	28		tar.bz2
Details	File	5		hacked.txt
Details	MITRE ATT&CK Techniques	472		T1486
Details	Url	1		http://smaugrwmaystthfxp72tlmdbrzlwdp2pxtpvtzvhkv5ppg3difiwonad.onion
Details	Url	2		https://www.anomali.com/products.
Details	Url	1		https://pkg.go.dev/math/rand?tab=doc#seed
Details	Url	1		https://pkg.go.dev/crypto/rand?tab=doc#read