Hypervisor Ransomware | Multiple Threat Actor Groups Hop on Leaked Babuk Code to Build ESXi Lockers
Tags
| country: | Mexico |
| attack-pattern: | Data Cloud Services - T1021.007 Malware - T1587.001 Malware - T1588.001 Hypervisor - T1062 |
Common Information
| Type | Value |
|---|---|
| UUID | e163c113-b96b-48a5-a124-6c4205659c94 |
| Fingerprint | 1d5099873db5109f |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | May 11, 2023, midnight |
| Added to db | June 1, 2023, 10:53 a.m. |
| Last updated | Nov. 12, 2024, 11:51 a.m. |
| Headline | Hypervisor Ransomware | Multiple Threat Actor Groups Hop on Leaked Babuk Code to Build ESXi Lockers |
| Title | Hypervisor Ransomware | Multiple Threat Actor Groups Hop on Leaked Babuk Code to Build ESXi Lockers |
| Detected Hints/Tags/Attributes | 66/2/21 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | File | 30 | main.cpp |
|
| Details | File | 1 | args.cpp |
|
| Details | File | 1 | howtorestore.txt |
|
| Details | File | 140 | files.txt |
|
| Details | File | 3 | elf.exe |
|
| Details | sha1 | 2 | e8bb26f62983055cfb602aa39a89998e8f512466 |
|
| Details | sha1 | 2 | dc8b9bc46f1d23779d3835f2b3648c21f4cf6151 |
|
| Details | sha1 | 2 | 9290478cda302b9535702af3a1dada25818ad9ce |
|
| Details | sha1 | 2 | 048b3942c715c6bff15c94cdc0bb4414dbab9e07 |
|
| Details | sha1 | 2 | 091f4bddea8bf443bc8703730f15b21f7ccf00e9 |
|
| Details | sha1 | 3 | ee827023780964574f28c6ba333d800b73eae5c4 |
|
| Details | sha1 | 2 | 74e4b2f7abf9dbd376372c9b05b26b02c2872e4b |
|
| Details | sha1 | 2 | 29f16c046a344e0d0adfea80d5d7958d6b6b8cfa |
|
| Details | sha1 | 1 | f25846f8cda8b0460e1db02ba6d3836ad3721f62 |
|
| Details | sha1 | 2 | b93d649e73c21efea10d4d811b711316206c0509 |
|
| Details | sha1 | 2 | cd19c2741261de97e91943148ba8c0863567b461 |
|
| Details | sha1 | 2 | 885a734c7869b52aa125674cb430199b2645cda0 |
|
| Details | sha1 | 2 | 76fb0d08fd5b9c52cb9da118ce5561cc0462555f |
|
| Details | sha1 | 2 | 933ad0a7d9db57b92144840d838f7b10356c7e51 |
|
| Details | sha1 | 2 | 71ed640ebd8377f52bda4968398c62c97ae1c3ed |
|
| Details | sha1 | 2 | 3b1a2847e006007626ced901e402f1a33bb800c7 |