ioc[.]one - OSINT Cyber Threat Intelligence Database

Understanding the RuRansom Malware – A Retaliatory Wiper

Tags

country:	Brunei Russia Ukraine
attack-pattern:	Data Data Destruction - T1662 Data Destruction - T1485 Data Encrypted For Impact - T1471 Data Encrypted For Impact - T1486 File And Directory Discovery - T1420 Inhibit System Recovery - T1490 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 File And Directory Discovery - T1083 Powershell - T1086 Windows Management Instrumentation - T1047 Data Destruction

Show in Graph

Common Information

Type	Value
UUID	c500dd1e-4c36-4060-b979-edab5e74d926
Fingerprint	8c363f712e2426ba
Analysis status	DONE
Considered CTI value	2
Text language
Published	June 2, 2022, midnight
Added to db	Sept. 26, 2022, 9:33 a.m.
Last updated	Nov. 18, 2024, 1:38 a.m.
Headline	Understanding the RuRansom Malware – A Retaliatory Wiper
Title	Understanding the RuRansom Malware – A Retaliatory Wiper
Detected Hints/Tags/Attributes	56/2/54

Source URLs

	Redirection	Url
Details	Source	https://blogs.vmware.com/security/2022/04/ruransom-a-retaliatory-wiper.html

URL Provider

Details	Provider	Source level domain
Details	vmware.com	blogs.vmware.com

Attributes

Details	Type	#Events	Value
Details	Domain	129	api.ipify.org
Details	Domain	95	ip-api.com
Details	File	2127	cmd.exe
Details	File	3	россия-украина_война-обновление.doc
Details	File	3	russia-ukraine_war-update.doc
Details	File	2	полномасштабное_кибервторжение.txt
Details	File	1	full-scale_cyber-invasion.txt
Details	md5	1	5028a73d50a0a2bd0abe6a24c660cb65
Details	md5	1	4ecd4debe942f6a5e45732d8d073b5ec
Details	md5	1	318d857c4b4c12b1b5d67f37fad616e9
Details	md5	1	a6988a9060278741c0ba3e9028de1f97
Details	md5	1	9d298f3eaff0db4fb1f5b3160911e3ee
Details	md5	1	a938dbd999f4a1ba7d537c9181c8d902
Details	md5	1	84e5cf74ecbed6caa3e88b1e00e1dc0d
Details	md5	1	e5e98aa9efcd4bd83245524ff430b28e
Details	md5	1	013addcf6e3f3a2e7ff441ccdc0433ce
Details	md5	1	94a65c7f033faf7efb1348df4a79f498
Details	md5	4	8fe6f25fc7e8c0caab2fdca8b9a3be89
Details	md5	2	01ae141dd0fb97e69e6ea7d6bf22ab32
Details	md5	2	9c3316a9ff084ed4d0d072df5935f52d
Details	sha1	1	5104c127b4d56ffe93016582401c250630f6d274
Details	sha1	1	ed2b4ef1c2f1814c40326a094f8874c683dec68b
Details	sha1	1	97dae0c8fc302b6cbbc2e31c756909a16630d9c5
Details	sha1	1	34b9694fe6f5adb63f58217f80b4abb53c48e320
Details	sha1	1	df4a28bdd8b743c16d2c9917c6d39030c07f2c09
Details	sha1	1	8746ab9039ad88ebf8aa822473fa2f9947131d19
Details	sha1	1	b1261722dd055dc6a5e2d2f3839a91390eac24e8
Details	sha1	1	085b697d49b103c4a42b20aa8b2f5c4730212653
Details	sha1	1	dd2a120b485cbf9ff7dd7435ee1d1a3fc4596862
Details	sha1	1	06c6dc34a9728f67038a7d41bcbe2372a9c4e6e4
Details	sha1	4	a30bf5d046b6255fa2c4b029abbcf734824a7f15
Details	sha1	2	c35ab665f631c483e6ec315fda0c01ba4558c8f2
Details	sha1	2	c6ef59aa3f0cd1bb727e2464bb728ab79342ad32
Details	sha256	2	7c935dcd672c4854495f41008120288e8e1c144089f1f06a23bd0a0f52a544b1
Details	sha256	1	fb4f3d9421cf8d35de950ad52ff4dca3a0c3e84c3c770c09c3cf6bbcc540e9d4
Details	sha256	1	d02ede8735c319012923efc6d4befa78f39fcb6c4ce40cb37a45b419a2efc923
Details	sha256	1	009ce5fcce062d699db46559badcf259eb925fcfcf374c0bdea8eb13d5750edf
Details	sha256	1	ae00bb69f06936ac9afb0475d4b3ddf592e4c61e68327be2051211533a57d919
Details	sha256	1	70e8a9b39aa7dd91c461c32ddfeb090b3699e5984beb610787c92afd24ad546b
Details	sha256	1	a932b37f6ebadfca08beb990cf784ac247317abbc42c72a9961f8d4a1fe7e1fb
Details	sha256	1	26e75390015ba36c2723d35ed7a227064892979ad331e0a728e39673feaa24c2
Details	sha256	1	2548ad9263dd94109ab22393a08f77364d96c48b0b96640cb530818adb9c08f0
Details	sha256	1	e0c4021b38f4d2f1e13d0a8374c8ef081be458fc3031e7ad49795a65a013cb43
Details	sha256	1	ceebcd4472623db39026ae89dc0737d0cdec631cd763d9717d0f4a822a3a2085
Details	sha256	5	107da216ad99b7c0171745fe7f826e51b27b1812d435b55c3ddb801e23137d8f
Details	sha256	3	1f36898228197ee30c7b0ec0e48e804caa6edec33e3a91eeaf7aa2c5bbb9c6e0
Details	sha256	3	696b6b9f43e53387f7cef14c5da9b6c02b6bf4095849885d36479f8996e7e473
Details	MITRE ATT&CK Techniques	310	T1047
Details	MITRE ATT&CK Techniques	585	T1083
Details	MITRE ATT&CK Techniques	93	T1485
Details	MITRE ATT&CK Techniques	472	T1486
Details	MITRE ATT&CK Techniques	276	T1490
Details	Url	26	https://api.ipify.org
Details	Url	1	https://ip-api.com/#