SYMBOLCOMMON_NAMEaka. SYNONYMS
win.dearcry (Back to overview)

dearcry

aka: DoejoCrypt

According to PCrisk, DearCry ransomware has been observed infecting systems via ProxyLogon vulnerabilities of Microsoft Exchange servers - mail and calendaring servers developed by Microsoft. While a patch has been released addressing these vulnerabilities, thousands of Microsoft Exchange servers remained unpatched at the time of research.

References
2022-03-17SophosTilly Travers
@online{travers:20220317:ransomware:df38f2f, author = {Tilly Travers}, title = {{The Ransomware Threat Intelligence Center}}, date = {2022-03-17}, organization = {Sophos}, url = {https://news.sophos.com/en-us/2022/03/17/the-ransomware-threat-intelligence-center/}, language = {English}, urldate = {2022-03-18} } The Ransomware Threat Intelligence Center
ATOMSILO Avaddon AvosLocker BlackKingdom Ransomware BlackMatter Conti Cring DarkSide dearcry Dharma Egregor Entropy Epsilon Red Gandcrab Karma LockBit LockFile Mailto Maze Nefilim RagnarLocker Ragnarok REvil RobinHood Ryuk SamSam Snatch WannaCryptor WastedLocker
2021-06-30Advanced IntelligenceYelisey Boguslavskiy, Brandon Rudisel, AdvIntel Security & Development Team
@online{boguslavskiy:20210630:ransomwarecve:deae6a7, author = {Yelisey Boguslavskiy and Brandon Rudisel and AdvIntel Security & Development Team}, title = {{Ransomware-&-CVE: Industry Insights Into Exclusive High-Value Target Adversarial Datasets}}, date = {2021-06-30}, organization = {Advanced Intelligence}, url = {https://www.advanced-intel.com/post/adversarial-perspective-advintel-breach-avoidance-through-monitoring-initial-vulnerabilities}, language = {English}, urldate = {2021-07-01} } Ransomware-&-CVE: Industry Insights Into Exclusive High-Value Target Adversarial Datasets
BlackKingdom Ransomware Clop dearcry Hades REvil
2021-04-12CISAUS-CERT
@online{uscert:20210412:analysis:5c10e58, author = {US-CERT}, title = {{Analysis Report (AR21-102B): DearCry Ransomware}}, date = {2021-04-12}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-102b}, language = {English}, urldate = {2021-04-16} } Analysis Report (AR21-102B): DearCry Ransomware
dearcry
2021-03-25LIFARSLIFARS
@techreport{lifars:20210325:dearcry:16ca9fb, author = {LIFARS}, title = {{DearCry Ransomware Malware Analysis and Reverse Engineering}}, date = {2021-03-25}, institution = {LIFARS}, url = {https://lifars.com/wp-content/uploads/2021/04/DearCry_Ransomware.pdf}, language = {English}, urldate = {2021-04-16} } DearCry Ransomware Malware Analysis and Reverse Engineering
dearcry
2021-03-19YouTube (LIFARS LLC)LIFARS
@online{lifars:20210319:dearcry:9e33116, author = {LIFARS}, title = {{DearCry Ransomware}}, date = {2021-03-19}, organization = {YouTube (LIFARS LLC)}, url = {https://www.youtube.com/watch?v=6lSfxsrs61s&t=5s}, language = {English}, urldate = {2021-04-12} } DearCry Ransomware
dearcry
2021-03-15Sophos LabsMark Loman
@online{loman:20210315:dearcry:a7ac407, author = {Mark Loman}, title = {{DearCry ransomware attacks exploit Exchange server vulnerabilities}}, date = {2021-03-15}, organization = {Sophos Labs}, url = {https://news.sophos.com/en-us/2021/03/15/dearcry-ransomware-attacks-exploit-exchange-server-vulnerabilities/}, language = {English}, urldate = {2021-04-16} } DearCry ransomware attacks exploit Exchange server vulnerabilities
dearcry WannaCryptor
2021-03-13YouTube (0xc7a)Twitter (@CatWithoutAHat7)
@online{catwithoutahat7:20210313:dearcry:85773c0, author = {Twitter (@CatWithoutAHat7)}, title = {{DearCry Ransomware - A quick look 0x02}}, date = {2021-03-13}, organization = {YouTube (0xc7a)}, url = {https://www.youtube.com/watch?v=MRTdGUy1lfw}, language = {English}, urldate = {2021-04-16} } DearCry Ransomware - A quick look 0x02
dearcry
2021-03-13YouTube (0xc7a)Twitter (@CatWithoutAHat7), 0xca7
@online{catwithoutahat7:20210313:dearcry:3a71a24, author = {Twitter (@CatWithoutAHat7) and 0xca7}, title = {{DearCry Ransomware - A quick look 0x01}}, date = {2021-03-13}, organization = {YouTube (0xc7a)}, url = {https://www.youtube.com/watch?v=Hhx9Q2i7zGo}, language = {English}, urldate = {2022-07-01} } DearCry Ransomware - A quick look 0x01
dearcry
2021-03-13YouTube (0xc7a)Twitter (@CatWithoutAHat7)
@online{catwithoutahat7:20210313:dearcry:bb446b1, author = {Twitter (@CatWithoutAHat7)}, title = {{DearCry Ransomware - A quick look 0x00}}, date = {2021-03-13}, organization = {YouTube (0xc7a)}, url = {https://www.youtube.com/watch?v=qmCjtigVVR0}, language = {English}, urldate = {2021-04-16} } DearCry Ransomware - A quick look 0x00
dearcry

There is no Yara-Signature yet.