2024-08-29 UNDERGROUND Ransomware Samples
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Clear Windows Event Logs - T1070.001 Exploits - T1587.004 Exploits - T1588.005 File Deletion - T1070.004 File Deletion - T1630.002 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Service Stop - T1489 Software - T1592.002 File Deletion - T1107 Service Stop
Show in Graph
Common Information
Type Value
UUID e79e95ec-d15c-4486-8842-2b76aa1123f0
Fingerprint b662897a276e84e2
Analysis status DONE
Considered CTI value 2
Text language
Published Sept. 2, 2024, 5:06 p.m.
Added to db Sept. 2, 2024, 7:17 p.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline 2024-08-29 UNDERGROUND Ransomware Samples
Title 2024-08-29 UNDERGROUND Ransomware Samples
Detected Hints/Tags/Attributes 35/2/13
Source URLs
Redirection Url
Details Source https://malware.news/t/2024-08-29-underground-ransomware-samples/85913
URL Provider
Details Provider Source level domain
Details malware.news malware.news
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 158 Malware Analysis, News and Indicators - Latest topics https://malware.news/latest.rss 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 119 
cve-2023-36884
Details File 1 
codevssadmin.exe
Details File 345 
vssadmin.exe
Details File 165 
reg.exe
Details File 256 
net.exe
Details sha256 3 
9d41b2f7c07110fb855c62b5e7e330a597860916599e73dd3505694fd1bbe163
Details sha256 3 
9f702b94a86558df87de316611d9f1bfe99a6d8da9fa9b3d7bb125a12f9ad11f
Details sha256 3 
cc80c74a3592374341324d607d877dcf564d326a1354f3f2a4af58030e716813
Details sha256 4 
d4a847fa9c4c7130a852a2e197b205493170a8b44426d9ec481fc4b285a92666
Details sha256 3 
eb8ed3b94fa978b27a02754d4f41ffc95ed95b9e62afb492015d0eb25f89956f
Details Mandiant Temporary Group Assumption 5 
TEMP.CMD
Details Microsoft Threat Actor Naming Taxonomy (Groups in development) 79 
Storm-0978
Details Windows Registry Key 44 
HKLM\SOFTWARE\Policies\Microsoft\Windows