Overview

RansomHub grew rapidly in 2024.

MalwareBazaar Intelligence Data

Hash Samples (First 50)

SHA256                   MD5                  First Seen  Type  Size
b47302ef408014fe2044...  855af9af7fefe4e2...  2025-05-22  exe   4.194.304
f94c1a572c91edd6297b...  2a3c260e28988e19...  2025-05-22  exe   91.648
bc2db56c79080fcd1d35...  d38325ff8f923653...  2025-05-22  exe   11.185.152
0d92088225f8def66803...  04236e32abfe0a55...  2024-11-21  exe   11.185.152
3bd98de6361abdc0b770...  5866d80e02f7829d...  2024-11-20  exe   11.185.152
83654c500c68418142e4...  61f9120a6fc4dea7...  2024-07-26  exe   10.973.184
342b7b89082431c1ba08...  7f6c4cf9e4094d84...  2024-07-26  exe   11.194.880
56856e1e275cebcd477e...  9fe22114dea040c3...  2024-07-26  exe   11.194.880

IOC Summary

  • This analysis covers 8 unique RansomHub samples.
  • A total of 16 hash IOCs were recorded.
  • Campaign activity: detected between 2024-07-26 and 2025-05-22.

RansomHub — Malware Profile

Malware Type: Ransomware
Programming Language: Go
C2 Protocol:
Target Systems: Windows/Linux

Capabilities & Behavior

File Encryption (AES/RSA)
Shadow Copy Deletion
Backup Removal
Ransom Note Creation
Persistence
Network Share Encryption
Anti-Analysis Techniques
Double Extortion (Data Leak)

IOC List (32 indicators)

IOC — RansomHub