ioc[.]one - OSINT Cyber Threat Intelligence Database

UNKNOWN

Tags

attack-pattern:

Rootkit - T1014 Rootkit

Show in Graph

Common Information

Type	Value
UUID	eee38584-706f-40f0-81ef-ea82d50768f5
Fingerprint	965fbff47d9e7853
Analysis status	DONE
Considered CTI value	2
Text language
Published	None
Added to db	June 1, 2023, 10:58 a.m.
Last updated	Oct. 16, 2024, 2:39 a.m.
Headline	UNKNOWN
Title	UNKNOWN
Detected Hints/Tags/Attributes	12/1/16

Source URLs

	Redirection	Url
Details	Source	https://www.trendmicro.com/content/dam/trendmicro/global/en/research/23/e/blackcat-ransomware-deploys-new-signed-kernel-driver/indicators-blackcat-ransomware-deploys-new-signed-kernel-driver.txt

URL Provider

Details	Provider	Source level domain
Details	trendmicro.com	www.trendmicro.com

Attributes

Details	Type	#Events	CTI	Value
Details	File	1		yixowv.exe
Details	File	1		cor.exe
Details	File	1		trj.exe
Details	File	1		dkrtk.sys
Details	File	1		fgme.sys
Details	File	1		ktes.sys
Details	File	1		kt2.sys
Details	File	9		ktgn.sys
Details	sha1	3		17bd8fda268cbb009508c014b7c0ff9d8284f850
Details	sha1	3		78cd4dfb251b21b53592322570cc32c6678aa468
Details	sha1	3		c2387833f4d2fbb1b54c8f8ec8b5b34f1e8e2d91
Details	sha1	3		91568d7a82cc7677f6b13f11bea5c40cf12d281b
Details	sha1	3		0bec69c1b22603e9a385495fbe94700ac36b28e5
Details	sha1	2		5ed22c0033aed380aa154e672e8db3a2d4c195c4
Details	sha1	3		cb25a5125fb353496b59b910263209f273f3552d
Details	sha1	5		994e3f5dd082f5d82f9cc84108a60d359910ba79