ThreeAM ransomware [Tuesday, January 23, 2024]

Intrinsec’s CTI analysts unveil a new extortion scheme being tested by ThreeAM via X (previously known as Twitter). Bots could have been used to a...
ThreeAM ransomware [Tuesday, January 23, 2024]
ThreeAM ransomware
Report

ThreeAM ransomware

Description :
Intrinsec’s CTI analysts unveil a new extortion scheme being tested by ThreeAM via X (previously known as Twitter). Bots could have been used to automatically name and shame amongst followers of its victims' official X accounts.

Published Created Modified
2024-01-23 00:47:48 2024-01-23 00:47:48 2024-01-23 01:00:43

Tags

Indicators

IPv4s :
  • 5.199.173.52
  • 185.202.0.79
  • 5.199.168.125
  • 5.199.174.149
  • 5.199.173.244
  • 5.199.173.56
  • 5.199.168.204
  • 5.199.161.14
  • 5.199.168.79
  • 5.199.173.211
  • 5.199.168.164
  • 5.199.161.85
  • 5.199.168.236
  • 85.159.229.62
  • 212.18.104.6
  • 185.202.0.111
Malwares :
  • 3AM
  • Lockbit
Hashes :
  • 832a3c90b047e7c5dcfd373d238d16e33e238354d9b1af673003af22f4376e4c
  • ecbdb9cb442a2c712c6fb8aee0ae68758bc79fa064251bab53b62f9e7156febc
  • 680677e14e50f526cced739890ed02fc01da275f9db59482d96b96fbc092d2f4
  • 991ee9548b55e5c815cc877af970542312cff79b3ba01a04a469b645c5d880af
  • 079b99f6601f0f6258f4220438de4e175eb4853649c2d34ada72cce6b1702e22
  • 307a1217aac33c4b7a9cd923162439c19483e952c2ceb15aa82a98b46ff8942e
Intrusion set :
  • ThreeAM
Location :
  • United States of America
MITRE ATT&CK Techniques : Other observables :
  • Mining
  • Agriculture
  • Construction
  • Manufacturing
  • Healthcare

External References

You can download the txt file containing the indicators by clicking on the button below:

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.