ARCrypter
AlienVault
· Published 20/12/2025 19:36 · Modified 20/12/2025 22:24
Essential information
- Confidence
- 100/100
- Is family
- No
- Published
- 20/12/2025 19:36
- Modified
- 20/12/2025 22:24
- Revoked
- No
- Author / Source
- AlienVault
- Related entities
- 36 attack patterns (mitre), 1 sectors, 2 countries, 10 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Attack patterns (MITRE) (36)
-
T1486 usesData Encrypted for Impact MITRE
-
T1010 usesApplication Window Discovery MITRE
-
T1547 usesBoot or Logon Autostart Execution MITRE
-
T1005 usesData from Local System MITRE
-
T1059.003 usesWindows Command Shell MITRE
-
T1218 usesSystem Binary Proxy Execution MITRE
-
T1559.001 MITRE
-
T1057 usesProcess Discovery MITRE
-
T1543 usesCreate or Modify System Process MITRE
-
T1082 usesSystem Information Discovery MITRE
-
T1569 usesSystem Services MITRE
-
T1497 usesVirtualization/Sandbox Evasion MITRE
Sectors (1)
-
govermental targets
Countries (2)
-
Chile targets
-
Colombia targets
Indicators (10)
-
stix 100/100 Revoked· Valid until 20/02/2024 · Source: AlienVault
-
stix 100/100 Revoked
SLFPER:Ransom:Win32/Henasome.A!rsm
· Valid until 20/02/2024 · Source: AlienVault -
stix 100/100 Revoked
!#LowFiMSDisabler
· Valid until 20/02/2024 · Source: AlienVault -
stix 100/100 Revoked
SLFPER:Ransom:Win32/Henasome.A!rsm
· Valid until 20/02/2024 · Source: AlienVault -
stix 100/100 Revoked· Valid until 20/02/2024 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 20/02/2024 · Source: AlienVault
-
stix 100/100 Revoked
SLFPER:Ransom:Win32/Henasome.A!rsm
· Valid until 20/02/2024 · Source: AlienVault -
stix 100/100 Revoked
SLFPER:Ransom:Win32/Henasome.A!rsm
· Valid until 20/02/2024 · Source: AlienVault -
stix 100/100 Revoked
SLFPER:Ransom:Win32/Henasome.A!rsm
· Valid until 20/02/2024 · Source: AlienVault -
stix 100/100 Revoked· Valid until 20/02/2024 · Source: AlienVault