← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
CONTInuing the Bazar Ransomware Story
WHITE AlienVault 2021-11-29 Modified: 2021-12-29
44
IOCs
MEDIUM VOLUME
As part of a series of reports on cyber-attacks, we look back at some of the key events that have been reported in the past year and look at how the Bazar ransomware story unfolded.
cobalt strikecontibazarloaderadfind
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Bazar - S0534 Net - S0039 Nltest - S0359 cmd - S0106 Tasklist - S0057 Cobalt Strike - S0154 AdFind - S0552 Conti - S0575
Indicators of Compromise (13 / 44 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 YARA domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 193b84d45dd371c6e4a501333d37349b MD5 of 742ed8d0202aafba1c162537087a8a131cb85cde 2021-11-29
FileHash-MD5 26bd89afd5c1ba9803422d33185cef89 2021-11-29
FileHash-MD5 2c313c5b532c905eb8f1748a0d656ff9 2021-11-29
FileHash-MD5 4ba6791f2293a8bc2dfa537015829b3c 2021-11-29
FileHash-MD5 5840aa36b70b7c03c25e5e1266c5835b MD5 of ea031940b2120551a6abbe125eb0536b9e4f14c8 MD5 of ea031940b2120551a6abbe125eb0536b9e4f14c8 2021-11-29
FileHash-MD5 663c8d0fe8b770b50792d10f6c07a652 2021-11-29
FileHash-MD5 68f9b52895f4d34e74112f3129b3b00d MD5 of c5e2018bf7c0f314fed4fd7fe7e69fa2e648359e 2021-11-29
FileHash-MD5 7f112bfa16a6bd344aaed28abf606780 2021-11-29
FileHash-MD5 84361813423910294079d0bc5b6daba2 2021-11-29
FileHash-MD5 9066cfcf809bb19091509a4d0f15f092 MD5 of f88a948b0fd137d4b14cf5aec0c08066cb07e08d 2021-11-29
FileHash-MD5 ab3a744545a12ba2f6789e94b789666a 2021-11-29
FileHash-MD5 e6c3ab2ee9a613efdf995043b140fd8e MD5 of 33738cf695a6ac03675fe925d62ecb529ac73d03 2021-11-29
FileHash-MD5 f6f72e3d91f7b53dd75e347889a793da MD5 of 5d4f020115a483e9e5aa9778c038466f9014c90c 2021-11-29
References (1)
↗ https://thedfirreport.com/2021/11/29/continuing-the-bazar-ransomware-story/