otx.alienvault.com
13.32.121.8  Public Scan

URL: https://otx.alienvault.com/pulse/62f36c89909d6b719ba8d340
Submission: On August 10 via api from DE — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content

NOVEL NEWS ON CUBA RANSOMWARE AKA GREETINGS FROM TROPICAL SCORPIUS

   
 * Created 4 hours ago by AlienVault
 * Public
 * TLP: White

Beginning in early May 2022, Unit 42 observed a threat actor deploying Cuba
Ransomware using novel tools and techniques. Unit 42 tracks the threat actor as
Tropical Scorpius.

Reference:
https://unit42.paloaltonetworks.com/cuba-ransomware-tropical-scorpius/
Tags:
cuba ransomware, tropical scorpius, romcom, kerbercache, zerologon, unc2596,
ransomware
Adversary:
Tropical Scorpius
Malware Families:
Cuba, ROMCOM, SCREENSHOOTER, ZeroLogon, KerberCache
Att&ck IDs:
T1059 - Command and Scripting Interpreter, T1106 - Native API, T1546 - Event
Triggered Execution, T1218 - Signed Binary Proxy Execution, T1095 -
Non-Application Layer Protocol, T1566 - Phishing, T1027 - Obfuscated Files or
Information, T1057 - Process Discovery, T1486 - Data Encrypted for Impact,
T1003.001 - LSASS Memory, T1003 - OS Credential Dumping, T1497 -
Virtualization/Sandbox Evasion, T1113 - Screen Capture

 * Indicators of Compromise (34)
 * Related Pulses (19)
 * Comments (0)
 * History (0)

Domain (2), email (1), CVE (1), FileHash-SHA256 (16), FileHash-MD5 (7), FileHash-SHA1 (7)

