Behavioral task: behavioral1
Sample: Incident Response Techniques for Ransomware Attacks Understand modern ransomware attacks ( etc.) (z-lib.org).pdf
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: Incident Response Techniques for Ransomware Attacks Understand modern ransomware attacks ( etc.) (z-lib.org).pdf
Resource: win10v2004-20220812-en
General
Target: Incident Response Techniques for Ransomware Attacks Understand modern ransomware attacks ( etc.) (z-lib.org).pdf
Size: 12.1MB
MD5: c51ade4cdac56d0c98f392e29c1a226f
SHA1: d6265b5ec7130c0473f73b0ca14a5d21939d4420
SHA256: a6c34199052ba042237905ae228de55fb6fc445a9c1a951fcdec0e4c98c44d03
SHA512: da16868226c38304cff12c808a157fbc5bd5e816aeae01087faaa1d164487c111988d2373e6921e436eb19b3d9040c3aaea714499e57e4d629df23c7c3a68910
SSDEEP: 393216:vfuGGSZVob88r888888888888X88Z8LzGSgKdp+XJC0klB:vmGtZs88r888888888888X88Z8LSAj+U
Malware Config
Signatures
Files
-
Incident Response Techniques for Ransomware Attacks Understand modern ransomware attacks ( etc.) (z-lib.org).pdf.pdf