📃Title: Emerging Ransomware Groups: AvosLocker, Hive, HelloKitty, LockBit 2.0
📅Date: 2021-08-24
🔗References:
Description
A look at some of the emerging ransomware groups that are currently affecting organizations and are likely to become more prevalent in the future, according to security firm Palo Alto Networks and its Unit 42 security unit.
🔖Rectifyq Taxonomies:
- relevancy: 🔴 Highly Relevant
- category: ⚔Threat
- sub-category: campaign-analysis
- target: broad-based
- MY-relevancy: relevant
🔖MISP Galaxies:
- producer Palo-Alto
- target-information=“Romania”
- target-information=“Austria”
- target-information=“Italy”
- target-information=“Germany”
- target-information=“Switzerland”
- target-information=“Brazil”
- target-information=“Australia”
- target-information=“Malaysia”
- target-information=“Argentina”
- target-information=“Mexico”
- target-information=“Lebanon”
- target-information=“Spain”
- target-information=“Belgium”
- target-information=“United States”
- ransomware=“AvosLocker”
- ransomware=“HelloKitty”
- ransomware=“Hive”
- ransomware=“LockBit”
- mitre-attack-pattern=[‘T1090’, ‘T1021’, ‘T1115’, ‘T1027’, ‘T1110’, ‘T1003’, ‘T1490’, ‘T1471’]
MISP event uuid: 2959ad1b-1d10-4406-b3e7-92343e5097d0
Indicator of Compromise (IoCs)
Full IOCs available in Rectifyq's MISP