ioc[.]one - OSINT Cyber Threat Intelligence Database

Ryuk Related Malware Steals Confidential Military, Financial Files

Tags

attack-pattern:

Data Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004

Show in Graph

Common Information

Type	Value
UUID	dcdc06e5-c81b-4360-b54f-c13a16bd0db6
Fingerprint	1236a36836a73e55
Analysis status	DONE
Considered CTI value	0
Text language
Published	Sept. 11, 2019, midnight
Added to db	Sept. 26, 2022, 9:31 a.m.
Last updated	Nov. 17, 2024, 6:49 p.m.
Headline	Ryuk Related Malware Steals Confidential Military, Financial Files
Title	Ryuk Related Malware Steals Confidential Military, Financial Files
Detected Hints/Tags/Attributes	41/1/6

Source URLs

	Redirection	Url
Details	Source	https://www.bleepingcomputer.com/news/security/ryuk-related-malware-steals-confidential-military-financial-files/

URL Provider

Details	Provider	Source level domain
Details	bleepingcomputer.com	www.bleepingcomputer.com

Attributes

Details	Type	#Events	CTI	Value
Details	File	14		ryukreadme.txt
Details	File	58		document.xml
Details	File	351		recycle.bin
Details	sha256	1		c64269a64b64b20108df89c4f1a415936c9d9923f8761d0667aa8492aa057acb
Details	sha256	1		e6762cb7d09cd90d5469e3c3bfc3b47979cd67aa06c06e893015a87b0348c32c
Details	IPv4	1		66.42.76.46