Overview
RansomHub grew rapidly in 2024.
MalwareBazaar Intelligence Data
Hash Samples (First 50)
| SHA256 | MD5 | First Seen | Type | Size |
|---|---|---|---|---|
| b47302ef408014fe2044... | 855af9af7fefe4e2... | 2025-05-22 | exe | 4.194.304 |
| f94c1a572c91edd6297b... | 2a3c260e28988e19... | 2025-05-22 | exe | 91.648 |
| bc2db56c79080fcd1d35... | d38325ff8f923653... | 2025-05-22 | exe | 11.185.152 |
| 0d92088225f8def66803... | 04236e32abfe0a55... | 2024-11-21 | exe | 11.185.152 |
| 3bd98de6361abdc0b770... | 5866d80e02f7829d... | 2024-11-20 | exe | 11.185.152 |
| 83654c500c68418142e4... | 61f9120a6fc4dea7... | 2024-07-26 | exe | 10.973.184 |
| 342b7b89082431c1ba08... | 7f6c4cf9e4094d84... | 2024-07-26 | exe | 11.194.880 |
| 56856e1e275cebcd477e... | 9fe22114dea040c3... | 2024-07-26 | exe | 11.194.880 |
IOC Summary
- This analysis covers 8 unique RansomHub samples.
- A total of 16 hash IOCs were recorded.
- Campaign activity: observed between 2024-07-26 and 2025-05-22.
RansomHub — Malware Profile
RansomHub grew rapidly in 2024.
Malware Type
Ransomware
Programming Language
Go
C2 Protocol
—
Target Systems
Windows/Linux
Capabilities & Behavior
File Encryption (AES/RSA)
Shadow Copy Deletion
Backup Removal
Ransom Note Creation
Persistence
Network Share Encryption
Anti-Analysis Techniques
Double Extortion (Data Leak)
IOC List (32 indicators)
IOC — RansomHub