ioc[.]one - OSINT Cyber Threat Intelligence Database

Netskope Threat Coverage: Evil Ant Ransomware

Tags

attack-pattern:

Data Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Python - T1059.006 Symmetric Cryptography - T1521.001 Symmetric Cryptography - T1573.001 Graphical User Interface - T1061 Powershell - T1086 Graphical User Interface

Show in Graph

Common Information

Type	Value
UUID	e735a435-f449-4430-8d09-0029f1976514
Fingerprint	8402124ba6278691
Analysis status	DONE
Considered CTI value	2
Text language
Published	April 16, 2024, 6 p.m.
Added to db	Oct. 1, 2024, 3:47 p.m.
Last updated	Nov. 17, 2024, 11:36 p.m.
Headline	Netskope Threat Coverage: Evil Ant Ransomware
Title	Netskope Threat Coverage: Evil Ant Ransomware
Detected Hints/Tags/Attributes	38/1/15

Source URLs

	Redirection	Url
Details	Source	https://www.netskope.com/blog/netskope-threat-coverage-evil-ant-ransomware

URL Provider

Details	Provider	Source level domain
Details	netskope.com	www.netskope.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	10		httpbin.org
Details	Domain	27		gen.malware.detect.by
Details	Domain	3		gen.detect.by.nscloudsandbox.tr
Details	Domain	1175		gmail.com
Details	Domain	145		api.telegram.org
Details	Email	1		evilant.ransomware@gmail.com
Details	md5	1		06115323d1ce04a47c443ef4e7dd6eed
Details	md5	1		DFDE9E46392DD3C0FFBA3A238D2F3244
Details	md5	1		0CA22199F9E94FD3D49533AA0601540A
Details	md5	1		ac612b8f09ec1f9d87a16873f27e15f0
Details	sha256	1		8dd86c621f642de4f221a01bae2c4df88994717fcedd12728f51776d99bfddf9
Details	sha256	1		0a5c6f29889bf486091ab4cee5918b837e2dd5eeb47ddec59f06962c15fa62cf
Details	sha256	1		c31dd8d015f5f296b915243815c2245864c73a90a9b4e6dec8e5da75e4931afa
Details	sha256	1		355784fa1c77e09c0de0fcd277bfc9edb3920933f2003d2d1d1b84822f25697b
Details	Url	1		https://api.telegram.org/bot6893451039