Beware! Big Head ransomware that looks like Windows update can also delete backups
Common Information
Type Value
UUID ea458e0d-b7e8-49f1-8d37-d369a795114e
Fingerprint a635b8930ef7c5c5
Analysis status DONE
Considered CTI value 0
Text language
Published July 10, 2023, 2:16 p.m.
Added to db July 10, 2023, 4:30 p.m.
Last updated Nov. 7, 2024, 2:51 p.m.
Headline Beware! Big Head ransomware that looks like Windows update can also delete backups
Title Beware! Big Head ransomware that looks like Windows update can also delete backups
Detected Hints/Tags/Attributes 31/1/4
Attributes
Type #Events CTI Value
Domain 2 clipbanker.mz
File 3 cry.ps1
File 3 srvc.exe
File 105 bcdedit.exe