Mallox Resurrected: Ransomware Attacks Exploiting MS-SQL Continue to Burden Enterprises [Thursday, December 14, 2023]


Description :
SentinelOne researchers published a new blog post on Mallox activity, explaining the group's initial access methods and providing a high-level analysis of recent Mallox payloads.

Published: 2023-12-14 16:52:04
Created: 2023-12-14 16:52:04
Modified: 2023-12-14 17:18:08

Tags

Indicators

IPv4s :
  • 104.237.62.211
  • 80.66.75.37
Domains :
  • updt.ps
Hashes :
MITRE ATT&CK Techniques :

External References

About the author
Julien B.

Securitricks
