otx.alienvault.com
13.225.78.74  Public Scan

URL: https://otx.alienvault.com/pulse/64caa604c4ce91eb26b74912
Submission: On August 02 via api from US — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content

Subscribers (240039)

REPORT: RANSOMWARE COMMAND-AND-CONTROL PROVIDERS UNMASKED

   
 * Created 37 minutes ago by AlienVault
 * Public
 * TLP: White

The Halcyon Research and Engineering Team has published new research that
details novel techniques used to unmask yet another Ransomware Economy player
that is facilitating ransomware attacks and state-sponsored APT operations:
Command-and-Control Providers (C2P) who sell services to threat actors while
assuming a legal business profile.

Reference:
https://www.halcyon.ai/blog/report-ransomware-command-and-control-providers-unmasked-by-halcyon-researchers
Tags:
Cloudzy, RDP, VPS, BlackBasta, Royal ransomware, C2P
ATT&CK IDs:
T1583 - Acquire Infrastructure, T1562 - Impair Defenses, T1471 - Data
Encrypted for Impact, T1094 - Custom Command and Control Protocol, T1104 -
Multi-Stage Channels

 * Indicators of Compromise (6)
 * Related Pulses (4)
 * Comments (0)
 * History (0)

TYPES OF INDICATORS

IPv4 (3), FileHash-SHA256 (2), Domain (1)

THREAT INFRASTRUCTURE

United States (2), United Kingdom (1)


type | indicator | Role | title | Added | Active | related Pulses
FileHash-SHA256 | b27ca5155e42e372d37cf2bcbb1f159627881ecbae2e51d41f414429599d37a7 | | | Aug 2, 2023, 6:52:53 PM | | 3
FileHash-SHA256 | 4d56e0a878b8a0f04462e7aa2a47d69a6f3a31703563025fb40fb82bab2a2f05 | | | Aug 2, 2023, 6:52:53 PM | | 3
domain | mojimetigi.biz | | | Aug 2, 2023, 6:52:53 PM | | 3
IPv4 | 23.19.58.181 | | | Aug 2, 2023, 6:52:53 PM | | 4
IPv4 | 172.93.201.120 | | | Aug 2, 2023, 6:52:53 PM | | 4
IPv4 | 139.177.146.152 | | | Aug 2, 2023, 6:52:53 PM | | 5

 * © Copyright 2023 AlienVault, Inc.
   