Warlock

Also known as Water Manaul
Reports
3
First seen
Mar 16
Last seen
Apr 20
Motivation
Financial (ransomware), financial, financial extortion

Targeting

Sectors
other ×1

Top ATT&CK techniques

T1562.001 Impair Defenses: Disable or Modify Tools ×3T1486 Data Encrypted for Impact ×2T1572 Protocol Tunneling ×1T1569.002 System Services: Service Execution ×1T1562.009 Impair Defenses: Safe Mode Boot ×1T1059.001 Command and Scripting Interpreter: PowerShell ×1T1567 Exfiltration Over Web Service ×1T1068 Exploitation for Privilege Escalation ×1T1489 Service Stop ×1T1195 Supply Chain Compromise ×1T1204.001 User Execution: Malicious Link ×1T1562.006 Impair Defenses: Indicator Blocking ×1

Indicators

filename ×102url ×1ip_v4 ×1hash_sha1 ×1domain ×1

Indicator values are available on Pro and via the API.

Recent reports

This page shows data on a 7-day delay. Free accounts get the full delayed feed; real-time reports, indicators, and the API start at $29/mo.