Povlsomware Ransomware Features Cobalt Strike Compatibility
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Malware - T1587.001 Malware - T1588.001 Multi-Factor Authentication - T1556.006 Phishing - T1660 Phishing - T1566 Remote Access Software - T1663 Software - T1592.002 Tool - T1588.002 Remote Access Tools - T1219 Windows Management Instrumentation - T1047
Show in Graph
Common Information
Type Value
UUID de9c2990-810c-47a4-b76f-af9498546f74
Fingerprint a77388b80fb7165f
Analysis status DONE
Considered CTI value 2
Text language
Published March 1, 2021, midnight
Added to db Oct. 15, 2024, 5:47 p.m.
Last updated Nov. 17, 2024, 6:49 p.m.
Headline Povlsomware Ransomware Features Cobalt Strike Compatibility
Title Povlsomware Ransomware Features Cobalt Strike Compatibility
Detected Hints/Tags/Attributes 38/2/20
Source URLs
Redirection Url
Details Source https://www.trendmicro.com/en_ph/research/21/c/povlsomware-ransomware-features-cobalt-strike-compatibility.html
Details Source https://www.trendmicro.com/en_ie/research/21/c/povlsomware-ransomware-features-cobalt-strike-compatibility.html
Details Source https://www.trendmicro.com/en_ca/research/21/c/povlsomware-ransomware-features-cobalt-strike-compatibility.html
URL Provider
Details Provider Source level domain
Details trendmicro.com www.trendmicro.com
Attributes
Details Type #Events CTI Value
Details File 25 
ransom.msi
Details File 351 
recycle.bin
Details sha256 1 
e05c74663775baf3ee37430d4662f7a9c89d63a752af5448c273e6b70fd9ec74
Details sha256 1 
9effa31cbcf5e90fc0955b363871a4ef54ffd7634a0095673004b39e9036ef94
Details sha256 1 
2aca9d08bacd2df13dd0475cc624fddec3fcc13495cbc7fc4f715764cb3c7ebe
Details sha256 1 
c740cbdd79c5ef5fe2b9388cd57dcd76ab491cdb94bcacd525b599b12d25f88c
Details sha256 1 
e08456212a2d597ba26456df8cbf48890a4350d9a8aba436c65acfec171ad468
Details sha256 1 
6a61bdcdaf9b8b9dd0a5328680acee9db9d0b64166cbf1cf73046a8e0c4efec8
Details sha256 1 
f27b13e25bc39c222847c150488b5c404042fd526023d6ac8866e306e4975349
Details sha256 1 
6c7485988ca145b02f564b8aae89133acf1ec6fe0db44be26cd3c8e87a6d1c6a
Details sha256 1 
d8cb6bc96ed3c980013addb9af4f61fdfefc5e3373c36e821062c2dae565dd75
Details sha256 1 
37ca7a3b52d6cb9d9ebb9319c5f28f7b1e0ebb338bf732ace170684eb193b10e
Details sha256 1 
cb2ef26d028621b5b438e5386daf1f06fc986d88d31c99b9833b4b906e6f0f33
Details sha256 1 
de17f48967192dbd33ac67d752c7c4de441204d1da58b9801a90775e0265a66a
Details sha256 1 
260950708c993ed1585a98952493bbaca92a8162439887b510ca832713898b75
Details sha256 1 
3e6783288c3387437b25eb9f990cc9329acffb073baf7bb954e087c3733cfb2e
Details sha256 1 
124e33009fc91c9964f5c44e4dc42ef7ae787bbb375305b95cbd7ee8014f080c
Details sha256 1 
9a355fc10fe9e7906c34d8850a2efc5c93a3a1274ce3b122f5d6944b2d33f837
Details sha256 1 
2a6a5f6842b7f40c905ec44c43b4a9a999dadbcbc06f7d320ea4e96cc96e899f
Details sha256 1 
78c2f745aa5ae027dad5fe67ec892cf6b05fd418f72031fb5d744b63bdf11200