RansomHub
Reports
9
First seen
Oct 8
Last seen
Jun 19
Motivation
financial, ransomware, financial extortion
Targeting
Sectors
other ×2
Top ATT&CK techniques
T1486 Data Encrypted for Impact ×6T1562.001 Impair Defenses: Disable or Modify Tools ×5T1566 Phishing ×4T1021 Remote Services ×4T1021.001 Remote Services: Remote Desktop Protocol ×3T1078 Valid Accounts ×3T1110 Brute Force ×3T1133 External Remote Services ×2T1070.001 Indicator Removal: Clear Windows Event Logs ×2T1219 Remote Access Software ×2T1567 Exfiltration Over Web Service ×2T1027 Obfuscated Files or Information ×2
Indicators
filename ×103hash_md5 ×15hash_sha256 ×15hash_sha1 ×15ip_v4 ×11domain ×5url ×2registry_key ×1cve ×1
Indicator values are available on Pro and via the API.
Associated CVEs
Recent reports
High