Ransomware Roundup - Rancoz | FortiGuard Labs
Tags
cmtmf-attack-pattern: Supply Chain Compromise
country: Canada France India Lithuania United States Of America
maec-delivery-vectors: Watering Hole
attack-pattern: Data Datasets Email Addresses - T1589.002 Malware - T1587.001 Malware - T1588.001 Network Devices - T1584.008 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Supply Chain Compromise - T1474 Supply Chain Compromise - T1195 Supply Chain Compromise
Show in Graph
Common Information
Type Value
UUID db0456e1-a01c-4eb6-9eb4-7e25092287a0
Fingerprint a53284d30b23b6de
Analysis status DONE
Considered CTI value 2
Text language
Published July 6, 2023, 2:16 p.m.
Added to db July 7, 2023, 5:28 p.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline Ransomware Roundup - Rancoz
Title Ransomware Roundup - Rancoz | FortiGuard Labs
Detected Hints/Tags/Attributes 66/4/6
Source URLs
Redirection Url
Details Redirection https://feeds.fortinet.com/~/751636481/0/fortinet/blog/threat-research~Ransomware-Roundup-Rancoz
Details Source https://www.fortinet.com/blog/threat-research/ransomware-roundup-rancoz
URL Provider
Details Provider Source level domain
Details fortinet.com www.fortinet.com
Details fortinet.com feeds.fortinet.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 117 Fortinet All Blogs https://feeds.feedburner.com/fortinet/blogs 2024-08-30 22:08
Details 122 Fortinet Threat Research Blog https://feeds.fortinet.com/fortinet/blog/threat-research 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 4 
how_to_recovery_files.txt
Details File 345 
vssadmin.exe
Details sha256 1 
d5e632836622d52c91e4ef059e9124184fceaf85783278880797f788ce141588
Details sha256 1 
da0332ace0a9ccdc43de66556adb98947e64ebdf8b3289e2291016215d8c5b4c
Details sha256 2 
b95a4443bb8bff80d927ac551a9a5a5cfac3e3e03a5b5737c0e05c75f33ad61e
Details Windows Registry Key 19 
HKEY_CURRENT_USER\Software\Microsoft\Terminal