SYMBOLCOMMON_NAMEaka. SYNONYMS
win.dearcry (Back to overview)

dearcry

aka: DoejoCrypt

According to PCrisk, DearCry ransomware has been observed infecting systems via ProxyLogon vulnerabilities of Microsoft Exchange servers - mail and calendaring servers developed by Microsoft. While a patch has been released addressing these vulnerabilities, thousands of Microsoft Exchange servers remained unpatched at the time of research.

References
2022-03-17SophosTilly Travers
The Ransomware Threat Intelligence Center
ATOMSILO Avaddon AvosLocker BlackKingdom Ransomware BlackMatter Conti Cring DarkSide dearcry Dharma Egregor Entropy Epsilon Red Gandcrab Karma LockBit LockFile Mailto Maze Nefilim RagnarLocker Ragnarok REvil RobinHood Ryuk SamSam Snatch WannaCryptor WastedLocker
2021-06-30Advanced IntelligenceAdvIntel Security & Development Team, Brandon Rudisel, Yelisey Boguslavskiy
Ransomware-&-CVE: Industry Insights Into Exclusive High-Value Target Adversarial Datasets
BlackKingdom Ransomware Clop dearcry Hades REvil
2021-04-12CISAUS-CERT
Analysis Report (AR21-102B): DearCry Ransomware
dearcry
2021-03-25LIFARSLIFARS
DearCry Ransomware Malware Analysis and Reverse Engineering
dearcry
2021-03-19YouTube (LIFARS LLC)LIFARS
DearCry Ransomware
dearcry
2021-03-15Sophos LabsMark Loman
DearCry ransomware attacks exploit Exchange server vulnerabilities
dearcry WannaCryptor
2021-03-13YouTube (0xc7a)Twitter (@CatWithoutAHat7)
DearCry Ransomware - A quick look 0x00
dearcry
2021-03-13YouTube (0xc7a)Twitter (@CatWithoutAHat7)
DearCry Ransomware - A quick look 0x02
dearcry
2021-03-13YouTube (0xc7a)0xca7, Twitter (@CatWithoutAHat7)
DearCry Ransomware - A quick look 0x01
dearcry

There is no Yara-Signature yet.