top of page
Search
Writer's pictureStormsec

Reconstructing the last activities of Royal Ransomware

Royal Ransomware group started its malicious activities since January, with other ransomware payloads. They started their malicious career as affiliated with other Ransomware-as-a-Service providers. During the last two months, they started to apply the Double Extorsion model, with an ad-hoc website in the Dark Web.


REFERENCE: iocs.temp




MALWARE FAMILY: Royal Ransomware


ATT&CK IDS: T1471 - Data Encrypted for Impact, T1605 - Command-Line Interface, T1083 - File and Directory Discovery


Read More:

4 views

Comments


Commenting has been turned off.
bottom of page