PULSE NAME
REvil, Sodinokibi & Prophet Chakras
WHITE msudosos 2026-05-13 Modified: 2026-05-13
512 IOCs (HIGH VOLUME)
REvil / Sodinokibi and CVE-2018-8543, a remote code execution vulnerability that exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. [NIST]

Sodinokibi, also known as REvil, is a sophisticated ransomware-as-a-service (RaaS) variant known for its devastating impact on targeted systems and widespread distribution. It poses a significant threat to cybersecurity, encrypting files on infected systems and demanding ransom payments from victims in exchange for decryption keys. [Cybersight]

MGM- Reference guest stays Jan1,25.
Indicators of Compromise (31 / 512 total)