win.midas

Midas


This malware, written in C#, is a variant of the Thanos ransomware family. It emerged in October 2021 and is obfuscated using SmartAssembly. In 2022, ThreatLabz analysed a report of Midas ransomware being slowly deployed over a two-month period (Zscaler). The ransomware also has its own data leak site as part of its double extortion strategy.

References
2022-03-23, Security Boulevard, Rajdeepsinh Dodia: Midas Ransomware : Tracing the Evolution of Thanos Ransomware Variants. https://securityboulevard.com/2022/03/midas-ransomware-tracing-the-evolution-of-thanos-ransomware-variants/ (accessed 2022-03-25). Families: Hakbit, Midas

2022-03-23, Zscaler, Rajdeepsinh Dodia: Midas Ransomware : Tracing the Evolution of Thanos Ransomware Variants. https://www.zscaler.com/blogs/security-research/midas-ransomware-tracing-evolution-thanos-ransomware-variants (accessed 2022-03-25). Families: Hakbit, Midas

2022-01-25, Sophos, Andrew Brandt: Windows services lay the groundwork for a Midas ransomware attack. https://news.sophos.com/en-us/2022/01/25/windows-services-lay-the-groundwork-for-a-midas-ransomware-attack/ (accessed 2022-03-30). Families: Midas

There is no Yara-Signature yet.