PULSE NAME
Helldown-Donex-Darktrace-Ransomware.
WHITE PetrP.73 2025-03-18 Modified: 2025-03-18
23 IOCs
MEDIUM VOLUME
The Helldown Ransomware group has been identified as a new strain of the malware and I’ve identified a number of unique detection opportunities for the group.
Indicators of Compromise (6 / 23 total)