Khonsari (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

win.khonsari (Back to overview)

Khonsari

A compact ransomware written in .NET and delivered as follow-up to Log4J exploitation, targeting Windows servers.

References

2022-03-01 ⋅ VirusTotal ⋅ VirusTotal
VirusTotal's 2021 Malware Trends Report
Anubis AsyncRAT BlackMatter Cobalt Strike DanaBot Dridex Khonsari MimiKatz Mirai Nanocore RAT Orcus RAT

2021-12-30 ⋅ Cloudsek ⋅ Anandeshwar Unnikrishnan, Isha Tripathi
Technical Analysis of Khonsari Ransomware Campaign Exploiting the Log4Shell Vulnerability
Khonsari

2021-12-23 ⋅ Symantec ⋅ Siddhesh Chandrayan
Log4j Vulnerabilities: Attack Insights
Tsunami Conti Dridex Khonsari Orcus RAT TellYouThePass

2021-12-14 ⋅ Cado Security ⋅ Matt Muir
Analysis of Novel Khonsari Ransomware Deployed by the Log4Shell Vulnerability
Khonsari

2021-12-11 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability
Khonsari NightSky BRONZE STARLIGHT

There is no Yara-Signature yet.

Khonsari Propose Change

References

Khonsari