Play
Reports
29
First seen
May 13
Last seen
Jun 26
Motivation
extortion, financial, financial extortion
Targeting
Sectors
manufacturing ×5, retail ecommerce ×3, other ×3, professional services ×2, transportation logistics ×2, hospitality ×2, telecommunications ×1, technology ×1
Victim regions
United States ×8, Netherlands ×2
Top ATT&CK techniques
T1021.001 Remote Services: Remote Desktop Protocol ×2
T1562.001 Impair Defenses: Disable or Modify Tools ×2
T1021.002 Remote Services: SMB/Windows Admin Shares ×1
T1003.006 OS Credential Dumping: DCSync ×1
T1136.001 Create Account: Local Account ×1
T1204.002 User Execution: Malicious File ×1
T1047 Windows Management Instrumentation ×1
T1560.001 Archive Collected Data: Archive via Utility ×1
T1112 Modify Registry ×1
T1110 Brute Force ×1
T1078 Valid Accounts ×1
T1036 Masquerading ×1
Indicators
filename ×40, domain ×31, hash_sha256 ×10, hash_sha1 ×10, hash_md5 ×10, ip_v4 ×4, url ×2, registry_key ×1
Recent reports
High