SYMBOLCOMMON_NAMEaka. SYNONYMS
win.knight (Back to overview)

Knight

aka: Cyclops

According to Symantec, this is a ransomware written in Golang and obfuscated with Gobfuscate. The source code for Knight (originally known as Cyclops) was offered for sale on underground forums in February 2024 after Knight’s developers decided to shut down their operation.

References
2024-06-05SymantecSymantec Threat Intelligence
RansomHub: New Ransomware has Origins in Older Knight
Knight RansomHub RansomHub

There is no Yara-Signature yet.