Gentlemen
Also known as hastalamuerte, zeta88
Reports
4
First seen
Mar 19
Last seen
Jun 19
Motivation
financial, Financial (ransomware extortion)
Targeting
Sectors
agriculture ×1
Victim regions
Australia ×1
Top ATT&CK techniques
T1027 Obfuscated Files or Information ×3T1562.001 Impair Defenses: Disable or Modify Tools ×3T1543.003 Create or Modify System Process: Windows Service ×2T1003 OS Credential Dumping ×2T1486 Data Encrypted for Impact ×2T1068 Exploitation for Privilege Escalation ×2T1106 Native API ×1T1036.001 Masquerading: Invalid Code Signature ×1T1059.003 Command and Scripting Interpreter: Windows Command Shell ×1T1569.002 System Services: Service Execution ×1T1562.009 Impair Defenses: Safe Mode Boot ×1T1489 Service Stop ×1
Indicators
filename ×197domain ×2
Indicator values are available on Pro and via the API.
Recent reports
High