Gentlemen

Also known as hastalamuerte, zeta88
Reports
4
First seen
Mar 19
Last seen
Jun 19
Motivation
financial, Financial (ransomware extortion)

Targeting

Sectors
agriculture ×1
Victim regions
Australia ×1

Top ATT&CK techniques

T1027 Obfuscated Files or Information ×3T1562.001 Impair Defenses: Disable or Modify Tools ×3T1543.003 Create or Modify System Process: Windows Service ×2T1003 OS Credential Dumping ×2T1486 Data Encrypted for Impact ×2T1068 Exploitation for Privilege Escalation ×2T1106 Native API ×1T1036.001 Masquerading: Invalid Code Signature ×1T1059.003 Command and Scripting Interpreter: Windows Command Shell ×1T1569.002 System Services: Service Execution ×1T1562.009 Impair Defenses: Safe Mode Boot ×1T1489 Service Stop ×1

Indicators

filename ×197domain ×2

Indicator values are available on Pro and via the API.

Recent reports

This page shows data on a 7-day delay. Free accounts get the full delayed feed; real-time reports, indicators, and the API start at $29/mo.