win.prometheus

Prometheus


Ransomware written in .NET, apparently derived from the codebase of win.hakbit (Thanos) ransomware.

References
2022-01-24 | CyCraft | CyCraft AI
@online{ai:20220124:road:2070066, author = {CyCraft AI}, title = {{The Road to Ransomware Resilience, Part 2: Behavior Analysis}}, date = {2022-01-24}, organization = {CyCraft}, url = {https://medium.com/cycraft/the-road-to-ransomware-resilience-c1ca37036efd}, language = {English}, urldate = {2022-03-02} } The Road to Ransomware Resilience, Part 2: Behavior Analysis
Conti Prometheus WastedLocker
2021-11-01 | IBM | Aaron Gdanski, Limor Kessem
@online{gdanski:20211101:from:dc06d28, author = {Aaron Gdanski and Limor Kessem}, title = {{From Thanos to Prometheus: When Ransomware Encryption Goes Wrong}}, date = {2021-11-01}, organization = {IBM}, url = {https://securityintelligence.com/posts/ransomware-encryption-goes-wrong/}, language = {English}, urldate = {2021-11-08} } From Thanos to Prometheus: When Ransomware Encryption Goes Wrong
Hakbit Prometheus
2021-10-28 | Sentinel LABS | Jim Walter, Niranjan Jayanand
@online{walter:20211028:spook:1ab988d, author = {Jim Walter and Niranjan Jayanand}, title = {{Spook Ransomware | Prometheus Derivative Names Those That Pay, Shames Those That Don’t}}, date = {2021-10-28}, organization = {Sentinel LABS}, url = {https://www.sentinelone.com/labs/spook-ransomware-prometheus-derivative-names-those-that-pay-shames-those-that-dont/}, language = {English}, urldate = {2021-11-03} } Spook Ransomware | Prometheus Derivative Names Those That Pay, Shames Those That Don’t
Prometheus
2021-10-05 | Medium s2wlab | S2W TALON
@online{talon:20211005:prometheus:b698c61, author = {S2W TALON}, title = {{Prometheus x Spook: Prometheus ransomware rebranded Spook ransomware.}}, date = {2021-10-05}, organization = {Medium s2wlab}, url = {https://medium.com/s2wlab/prometheus-x-spook-prometheus-ransomware-rebranded-spook-ransomware-6f93bd8ab5dd}, language = {English}, urldate = {2021-10-11} } Prometheus x Spook: Prometheus ransomware rebranded Spook ransomware.
Prometheus
2021-09-24 | Twitter (@inversecos) | inversecos
@online{inversecos:20210924:thread:01232d1, author = {inversecos}, title = {{A thread on TTPs of Prometheus Ransomware attacks}}, date = {2021-09-24}, organization = {Twitter (@inversecos)}, url = {https://twitter.com/inversecos/status/1441252744258461699?s=20}, language = {English}, urldate = {2021-09-29} } A thread on TTPs of Prometheus Ransomware attacks
Prometheus
2021-08-01 | The Record | Catalin Cimpanu
@online{cimpanu:20210801:decryptor:5f67ec8, author = {Catalin Cimpanu}, title = {{Decryptor released for Prometheus ransomware victims}}, date = {2021-08-01}, organization = {The Record}, url = {https://therecord.media/decryptor-released-for-prometheus-ransomware-victims/}, language = {English}, urldate = {2021-08-06} } Decryptor released for Prometheus ransomware victims
Prometheus
2021-07-15 | Cybereason | Cybereason Nocturnus
@online{nocturnus:20210715:cybereason:06113e5, author = {Cybereason Nocturnus}, title = {{cybereason vs. prometheus ransomware}}, date = {2021-07-15}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/cybereason-vs.-prometheus-ransomware}, language = {English}, urldate = {2021-08-03} } cybereason vs. prometheus ransomware
Hakbit Prometheus
2021-07-13 | Medium CyCraft | CyCraft Technology Corp
@online{corp:20210713:prometheus:bd4e53b, author = {CyCraft Technology Corp}, title = {{Prometheus Ransomware Decryptor}}, date = {2021-07-13}, organization = {Medium CyCraft}, url = {https://medium.com/cycraft/prometheus-decryptor-6933e7bac1ea}, language = {English}, urldate = {2021-08-02} } Prometheus Ransomware Decryptor
Prometheus
2021-06-09 | Palo Alto Networks Unit 42 | Doel Santos
@online{santos:20210609:prometheus:e4fdf9e, author = {Doel Santos}, title = {{Prometheus Ransomware Gang: A Group of REvil?}}, date = {2021-06-09}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/prometheus-ransomware/}, language = {English}, urldate = {2021-06-09} } Prometheus Ransomware Gang: A Group of REvil?
Hakbit Prometheus REvil
2021-05-10 | ID Ransomware | Andrew Ivanov
@online{ivanov:20210510:prometheus:ca33dd5, author = {Andrew Ivanov}, title = {{Prometheus Ransomware Haron Ransomware}}, date = {2021-05-10}, organization = {ID Ransomware}, url = {https://id-ransomware.blogspot.com/2021/05/prometheus-ransomware.html}, language = {English}, urldate = {2021-08-02} } Prometheus Ransomware Haron Ransomware
Prometheus

There is no Yara-Signature yet.