SYMBOLCOMMON_NAMEaka. SYNONYMS
win.fivehands (Back to overview)

FiveHands

Actor(s): [Unnamed group]


There is no description at this point.

References
2021-06-28CrowdStrikeAlexandru Ghita
@online{ghita:20210628:new:85c558c, author = {Alexandru Ghita}, title = {{New Ransomware Variant Uses Golang Packer}}, date = {2021-06-28}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/new-ransomware-variant-uses-golang-packer/}, language = {English}, urldate = {2021-06-29} } New Ransomware Variant Uses Golang Packer
FiveHands HelloKitty
2021-06-16FireEyeTyler McLellan, Robert Dean, Justin Moore, Nick Harbour, Mike Hunhoff, Jared Wilson
@online{mclellan:20210616:smoking:fa6559d, author = {Tyler McLellan and Robert Dean and Justin Moore and Nick Harbour and Mike Hunhoff and Jared Wilson}, title = {{Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise}}, date = {2021-06-16}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2021/06/darkside-affiliate-supply-chain-software-compromise.html}, language = {English}, urldate = {2021-06-21} } Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise
Cobalt Strike FiveHands
2021-06-15NCC GroupNCC RIFT, Michael Matthews, William Backhouse
@online{rift:20210615:handy:b76df78, author = {NCC RIFT and Michael Matthews and William Backhouse}, title = {{Handy guide to a new Fivehands ransomware variant}}, date = {2021-06-15}, organization = {NCC Group}, url = {https://research.nccgroup.com/2021/06/15/handy-guide-to-a-new-fivehands-ransomware-variant/}, language = {English}, urldate = {2021-06-16} } Handy guide to a new Fivehands ransomware variant
FiveHands
2021-05-06CISACISA
@online{cisa:20210506:mar103247841v1:408b7aa, author = {CISA}, title = {{MAR-10324784-1.v1: FiveHands Ransomware}}, date = {2021-05-06}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-126b}, language = {English}, urldate = {2021-05-08} } MAR-10324784-1.v1: FiveHands Ransomware
FiveHands
2021-05-06CISACISA
@online{cisa:20210506:analysis:9b259c7, author = {CISA}, title = {{Analysis Report: FiveHands Ransomware}}, date = {2021-05-06}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-126a}, language = {English}, urldate = {2021-05-08} } Analysis Report: FiveHands Ransomware
FiveHands
2021-04-29FireEyeTyler McLellan, Justin Moore, Raymond Leong
@online{mclellan:20210429:unc2447:2ad0d96, author = {Tyler McLellan and Justin Moore and Raymond Leong}, title = {{UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat}}, date = {2021-04-29}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2021/04/unc2447-sombrat-and-fivehands-ransomware-sophisticated-financial-threat.html}, language = {English}, urldate = {2021-09-09} } UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat
FiveHands HelloKitty

There is no Yara-Signature yet.