← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Helldown-Donex-Darktrace-Ransomware.
WHITE PetrP.73 2025-03-18 Modified: 2025-03-18
23
IOCs
MEDIUM VOLUME
The Helldown Ransomware group has been identified as a new strain of the malware and I’ve identified a number of unique detection opportunities for the group.
helldownshadows alltree vtdoxnetttpsransomwaredonexdarkrace
Indicators of Compromise (1 / 23 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
URL http://onyxcym4mjilrsptk5uo2dhesbwntuban55mvww2olk5ygqafhu3i3yd.onion 2025-03-18
References (1)
↗ https://medium.com/detect-fyi/helldown-donex-darktrace-ransomware-fd8683b7d135