Direwolf

Reports
6
First seen
Mar 19
Last seen
Jun 12
Motivation
financial

Targeting

Sectors
retail ecommerce ×1healthcare ×1
Victim regions
Spain ×1

Top ATT&CK techniques

T1547 Boot or Logon Autostart Execution ×1T1562.001 Impair Defenses: Disable or Modify Tools ×1T1486 Data Encrypted for Impact ×1T1562.006 Impair Defenses: Indicator Blocking ×1T1027.002 Obfuscated Files or Information: Software Packing ×1T1566 Phishing ×1T1565 Data Manipulation ×1T1027 Obfuscated Files or Information ×1T1491 Defacement ×1T1078 Valid Accounts ×1T1021 Remote Services ×1T1562 Impair Defenses ×1

Indicators

filename ×49domain ×4

Indicator values are available on Pro and via the API.

Associated CVEs

Recent reports

This page shows data on a 7-day delay. Free accounts get the full delayed feed; real-time reports, indicators, and the API start at $29/mo.