Decrypted: BianLian Ransomware - Avast Threat Labs
Tags
| attack-pattern: | Data Asymmetric Cryptography - T1521.002 Asymmetric Cryptography - T1573.002 Password Cracking - T1110.002 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | cd2e28c9-eb85-4696-8898-c9280ce91642 |
| Fingerprint | a7067079269e3456 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Jan. 16, 2023, 8 a.m. |
| Added to db | June 5, 2023, 10:35 a.m. |
| Last updated | Oct. 18, 2024, 5:05 p.m. |
| Headline | Decrypted: BianLian Ransomware |
| Title | Decrypted: BianLian Ransomware - Avast Threat Labs |
| Detected Hints/Tags/Attributes | 31/1/14 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 100 | ✔ | Avast Threat Labs | https://decoded.avast.io/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 32 | avast.com |
|
| Details | 4 | decryptors@avast.com |
||
| Details | File | 13 | instruction.txt |
|
| Details | File | 2 | c:\windows\temp\mativ.exe |
|
| Details | File | 2 | c:\windows\temp\areg.exe |
|
| Details | File | 2 | %username%\pictures\windows.exe |
|
| Details | File | 3 | anabolic.exe |
|
| Details | sha256 | 7 | 1fd07b8d1728e416f897bef4f1471126f9b18ef108eb952f4b75050da22e8e43 |
|
| Details | sha256 | 3 | 3a2f6e614ff030804aa18cb03fcc3bc357f6226786efb4a734cbe2a3a1984b6f |
|
| Details | sha256 | 4 | 46d340eaf6b78207e24b6011422f1a5b4a566e493d72365c6a1cace11c36b28b |
|
| Details | sha256 | 1 | 3be5aab4031263529fe019d4db19c0c6d3eb448e0250e0cb5a7ab2324eb2224d |
|
| Details | sha256 | 1 | a201e2d6851386b10e20fbd6464e861dea75a802451954ebe66502c2301ea0ed |
|
| Details | sha256 | 1 | ae61d655793f94da0c082ce2a60f024373adf55380f78173956c5174edb43d49 |
|
| Details | sha256 | 5 | eaf5e26c5e73f3db82cd07ea45e4d244ccb3ec3397ab5263a1a74add7bbcb6e2 |