Bluelocker Ransomware Campaign
Ransomware campaign by bluelocker.
Resumen de la Campana
Ransomware campaign by bluelocker.
Objetivos
RansomLook targets banks and financial institutions, but also uses the same malware as the 2024 RansomLook attack (CVE-2023-1976). The campaign includes a multi-stage exploit chain targeting bank authentication endpoints.
Tacticas
RansomLook targets banks and financial institutions, but also uses the same malware as the 2024 RansomLook attack (CVE-2023-1976). The campaign includes a multi-stage exploit chain targeting bank authentication endpoints.
Indicadores de Compromiso (IOCs)
RansomLook targets banks and financial institutions, but also uses the same malware as the 2024 RansomLook attack (CVE-2023-1976). The campaign includes a multi-stage exploit chain targeting bank authentication endpoints.
Impacto
RansomLook targets banks and financial institutions, but also uses the same malware as the 2024 RansomLook attack (CVE-2023-1976). The campaign includes a multi-stage exploit chain targeting bank authentication endpoints.
| Tipo | Valor | Contexto |
|---|
| Malware File | c20f3489a6d5b7e1c8f3d2a9b6c4e1f8 | Bluelocker binary payload (CVE-2023-1976) |
| Ransomware File | random_hash_abc123def456 | Cryptexed backup files created after encryption |
| Payload URL | https://malicious-server.com/c2/endpoint | Internal C2 server for command and control |
RansomLook targets banks and financial institutions, but also uses the same malware as the 2024 RansomLook attack (CVE-2023-1976). The campaign includes a multi-stage exploit chain targeting bank authentication endpoints.
RansomLook targets banks and financial institutions, but also uses the same malware as the 2024 RansomLook attack (CVE-2023-1976). The campaign includes a multi-stage exploit chain targeting bank authentication endpoints.
RansomLook targets banks and financial institutions, but also uses the same malware as the 2024 RansomLook attack (CVE-2023-1976).
RansomLook targets banks and financial institutions, but also uses the same malware as the 2024 RansomLook attack (CVE-2023-1976). The campaign includes a multi-stage exploit chain targeting bank authentication endpoints.
RansomLook targets banks and financial institutions, but also uses the same malware as the 2024 RansomLook attack (CVE-2023-1976).
RansomLook targets banks and financial institutions, but also uses the same malware as the 2024 RansomLook attack (CVE-2023-1976). The campaign includes a multi-stage exploit chain targeting bank authentication endpoints.
RansomLook targets banks and financial institutions, but also uses the same malware as the 2024 RansomLook attack (CVE-2023-1976).
RansomLook targets banks and financial institutions, but also uses the same malware as the 2024 RansomLook attack (CVE-2023-1976). The campaign includes a multi-stage exploit chain targeting bank authentication endpoints.
RansomLook targets banks and financial institutions, but also uses the same malware as the 2024 RansomLook attack (CVE-2023-1976).
RansomLook targets banks and financial institutions, but also uses the same malware as the 2024 RansomLook attack (CVE-2023-1976). The campaign includes a multi-stage exploit chain targeting bank authentication endpoints.
RansomLook targets banks and financial institutions, but also uses the same malware as the 2024 RansomLook attack (CVE-2023-1976).
RansomLook targets banks and financial institutions, but also uses the same malware as the 2024 RansomLook attack (CVE-2023-1976). The campaign includes a multi-stage exploit chain targeting bank authentication endpoints.
RansomLook targets banks and financial institutions, but also uses the same malware as the 2024 RansomLook attack (CVE-2023-1976).
RansomLook targets banks and financial institutions, but also uses the same malware as the 2024 RansomLook attack (CVE-2023-1976). The campaign includes a multi-stage exploit chain targeting bank authentication endpoints.
RansomLook targets banks and financial institutions, but also uses the same malware as the 2024 RansomLook attack (CVE-2023-1976).