Analysis of Sodinokibi aka REvil Ransomware-as-a-Service
TLP: WHITE | AlienVault | 2019-10-02 | Modified: 2019-10-02
Analysis done by McAfee ATR.
Indicators of Compromise (6)
TYPE INDICATOR DESCRIPTION CREATED
FileHash-MD5 ccfde149220e87e97198c23fb8115d5a 2019-10-02
CVE CVE-2018-8453 2019-10-02
FileHash-SHA256 246aea5a28ed117238ed0da8e6c96a9a9f1c627613d0f9f57da3e819f57231eb 2019-10-02
FileHash-MD5 ef777a861ede95d3b02b0b135952d43a 2019-10-02
FileHash-SHA1 39e4eb1ab854c4a7929e8e77ca0dbca37049154d 2019-10-02
YARA 2b0b0ba708ad5d0d209c6efe3a1598b34bcb93f7 2019-10-02