The Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a novel ransomware campaign targeting organizations in the transportation and related logistics industries in Ukraine and Poland utilizing a previously unidentified ransomware payload.
TAGS: prestige, iridium, impacket, hermeticwiper, ransomware, remoteexec, wmiexec, psexec, foxblade, winpeas
ADVERSARY: IRIDIUM
MALWARE FAMILIES: HermeticWiper, Foxblade
ATT&CK IDS: T1003.001 - LSASS Memory, T1485 - Data Destruction, T1047 - Windows Management Instrumentation, TA0004 - Privilege Escalation, T1486 - Data Encrypted for Impact