Kaspersky crimeware report: GoPIX, Lumar, and Rhysida.
Tags
| country: | Brazil |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Powershell - T1086 |
Common Information
| Type | Value |
|---|---|
| UUID | c40e98cc-b4cd-4c3c-a617-4671f70530de |
| Fingerprint | 8f26ba6bad3a2cc3 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Oct. 24, 2023, 10 a.m. |
| Added to db | Nov. 19, 2023, 10:30 p.m. |
| Last updated | Oct. 22, 2024, 8:42 p.m. |
| Headline | Stealer for PIX payment system, new Lumar stealer and Rhysida ransomware |
| Title | Kaspersky crimeware report: GoPIX, Lumar, and Rhysida. |
| Detected Hints/Tags/Attributes | 43/3/10 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://securelist.com/crimeware-report-gopix-lumar-rhysida/110871/ |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 223 | ✔ | Securelist | https://securelist.com/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 338 | kaspersky.com |
|
| Details | 28 | crimewareintel@kaspersky.com |
||
| Details | md5 | 3 | EB0B4E35A2BA442821E28D617DD2DAA2 |
|
| Details | md5 | 3 | 6BA5539762A71E542ECAC7CF59BDDF79 |
|
| Details | md5 | 3 | 333A34BD2A7C6AAF298888F3EF02C186 |
|
| Details | md5 | 4 | 5fc82bd3590eae30c26f1a42f4e711f4 |
|
| Details | md5 | 4 | 46b892398cfb1a1c59683fc8abfcc5fc |
|
| Details | md5 | 6 | 0c8e88877383ccd23a755f429006b437 |
|
| Details | md5 | 4 | 274be1fac3bab38af7483a476a2dea90 |
|
| Details | md5 | 4 | 36d142294f1ca4c4768dbe15b6553975 |