ioc[.]one - OSINT Cyber Threat Intelligence Database

AvosLocker Ransomware Behavior Examined on Windows & Linux | Qualys Security Blog

Tags

cmtmf-attack-pattern:	Obfuscated Files Or Information
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Data Encrypted For Impact - T1471 Data Encrypted For Impact - T1486 Exploits - T1587.004 Exploits - T1588.005 File And Directory Discovery - T1420 Inhibit System Recovery - T1490 Malware - T1587.001 Malware - T1588.001 Obfuscated Files Or Information - T1406 System Information Discovery - T1426 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 Brute Force - T1110 File And Directory Discovery - T1083 Obfuscated Files Or Information - T1027 System Information Discovery - T1082 User Execution - T1204 User Execution

Show in Graph

Common Information

Type	Value
UUID	eee379c2-cb0d-416d-abb8-4ef50e979c99
Fingerprint	9e56b85ba6b186d9
Analysis status	DONE
Considered CTI value	2
Text language
Published	March 6, 2022, 9:18 p.m.
Added to db	Sept. 26, 2022, 9:34 a.m.
Last updated	Nov. 17, 2024, 6:56 p.m.
Headline	AvosLocker Ransomware Behavior Examined on Windows & Linux
Title	AvosLocker Ransomware Behavior Examined on Windows & Linux \| Qualys Security Blog
Detected Hints/Tags/Attributes	67/3/21

Source URLs

	Redirection	Url
Details	Source	https://blog.qualys.com/vulnerabilities-threat-research/2022/03/06/avoslocker-ransomware-behavior-examined-on-windows-linux

URL Provider

Details	Provider	Source level domain
Details	qualys.com	blog.qualys.com

Attributes

Details	Type	#Events	Value
Details	CVE	168	cve-2021-34473
Details	CVE	12	cve-2021-31206
Details	CVE	142	cve-2021-34523
Details	CVE	143	cve-2021-31207
Details	Domain	1	xxx.onion
Details	Domain	4	avosjon4pfh3y7ew3jdwz6ofw7lljcxlbk7hcxxmnxlh5kvf2akcqjad.onion
Details	Domain	4	avosqxh72b5ia23dl5fgwcpndkctuzqvh2iefk5imp3pi5gfhel5klad.onion
Details	File	9	get_your_files_back.txt
Details	sha256	1	c0a42741eef72991d9d0ee8b6c0531fc19151457a8b59bdcf7b6373d1fe56e02
Details	sha256	2	7c935dcd672c4854495f41008120288e8e1c144089f1f06a23bd0a0f52a544b1
Details	MITRE ATT&CK Techniques	409	T1566
Details	MITRE ATT&CK Techniques	420	T1204
Details	MITRE ATT&CK Techniques	627	T1027
Details	MITRE ATT&CK Techniques	1006	T1082
Details	MITRE ATT&CK Techniques	472	T1486
Details	MITRE ATT&CK Techniques	585	T1083
Details	MITRE ATT&CK Techniques	276	T1490
Details	Url	1	http://avosxxx…xxx.onion
Details	Url	1	http://avosjonxxx…xxx.onion
Details	Url	2	http://avosjon4pfh3y7ew3jdwz6ofw7lljcxlbk7hcxxmnxlh5kvf2akcqjad.onion
Details	Url	2	http://avosqxh72b5ia23dl5fgwcpndkctuzqvh2iefk5imp3pi5gfhel5klad.onion