
pandora

1 incident | 0 countries | 0 sectors | ransomware | CN | Latest: 2026-06-25
Pandora is a ransomware group that emerged in mid-February 2022, notably announcing its first victim on February 21, 2022. The group's primary motivation is financial gain, achieved through double extortion tactics where they exfiltrate sensitive data before encrypting systems and threatening to leak the information if ransom demands are not met. Pandora is widely suspected to be a rebrand of the Rook ransomware, itself a variant of Babuk, and has been associated with the Chinese-affiliated threat group BRONZE STARLIGHT. What distinguishes Pandora is its emphasis on efficient multithreading for rapid encryption and extensive anti-reverse engineering techniques to hinder analysis.
MITRE techniques
T1495, T1498, T1056, T1134, T1055, T1115
Related CVEs
CVE-2015-3636, CVE-2014-4324, CVE-2014-4321, CVE-2014-3153, CVE-2013-6282

RansomLook pivots

Data, intelligence and external references for cross-checking the actor's ransomware activity.

Victims: 0
Unique TTPs: 0
Historical stolen data: N/A
Ransoms claimed: N/A
Payments detected: N/A

Target countries (SOCRadar)

United Arab Emirates; Argentina; Australia; Belgium; Brazil; Canada; China; Czech Republic; Germany; Spain

Target sectors (SOCRadar)

Software Publishers; Enterprises & Holding; Manufacturing; Electrical Equipment, Appliance, and Component Manufacturing; Public Administration; Educational Services; Internet Publishing; Energy & Utilities Insurance; Motor Vehicle Manufacturing

New URLs detected in IntelTracker

ransomware.anggipradana.com