216.73.217.22

Yurei

· Published 21/12/2025 16:06 · Modified 21/12/2025 16:06 · Source: AlienVault

Essential information

Confidence
100/100
Published
21/12/2025 16:06
Modified
21/12/2025 16:06
Updated at
21/12/2025 16:06
Revoked
No
Author / Source
AlienVault
Resource level
Primary motivation
Related entities
2 reports, 19 attack patterns (mitre), 3 malware, 5 sectors, 4 countries, 5 indicators

Description

No description.

Marking (TLP)

TLP:CLEAR

Related entities

Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.

Reports (2)

Attack patterns (MITRE) (19)

  • T1566 uses
    Phishing
  • T1112 uses
    Modify Registry
  • T1055 uses
    Process Injection
  • T1057 uses
    Process Discovery
  • T1132.001 uses
    Standard Encoding
  • T1027 uses
    Obfuscated Files or Information
  • T1486 uses
    Data Encrypted for Impact
  • T1071.001 uses
    Web Protocols
  • T1561.001 uses
    Disk Content Wipe
  • T1562.001 uses
    Disable or Modify Tools
  • T1573.001 uses
    Symmetric Cryptography
  • T1140 uses
    Deobfuscate/Decode Files or Information
  • T1070 uses
    Indicator Removal
  • T1083 uses
    File and Directory Discovery
  • T1490 uses
    Inhibit System Recovery
  • T1082 uses
    System Information Discovery
  • T1021.002 uses
    SMB/Windows Admin Shares
  • T1012 uses
    Query Registry
  • T1005 uses
    Data from Local System

Malware (3)

  • SatanLockv2 uses
    Family
    Published 12/09/2025 15:33 · Modified 12/09/2025 15:33
  • Prince-Ransomware uses
    Family
    Published 12/09/2025 15:33 · Modified 12/09/2025 15:33
  • Yurei uses
    Family
    Published 14/11/2025 12:16 · Modified 14/11/2025 12:16

Sectors (5)

  • Technology targets
  • Transportation targets
  • Food and drinks businesses targets
  • Manufacturing targets
  • Media targets

Countries (4)

  • Sri Lanka targets
  • Nigeria targets
  • British Indian Ocean Territory targets
  • India targets

Indicators (5)

  • fewcriet5rhoy66k6c4cyvb2pqrblxtx4mekj3s5l4jjt4t4kn4vheyd.onion indicates
  • 89a54d3a38d2364784368a40ab228403f1f1c1926892fe8355aa29d00eb36819 indicates
  • 0303f89829763e734b1f9d4f46671e59bfaa1be5d8ec84d35a203efbfcb9bb15 indicates
  • d2539173bdc81503bf1b842a21d9599948e957cadc76a283a52f5849323d8e04 indicates
  • 1ea37e077e6b2463b8440065d5110377e2b4b4283ce9849ac5efad6d664a8e9e indicates