Ransomware Roundup (April 29, 2024)
May 1, 2024, 11:06 p.m.
Tags
External References
Description
This concise report provides insights into the evolving ransomware landscape, covering the KageNoHitobito and DoNex variants. It analyzes their infection vectors, victimology, attack methods, and associated indicators of compromise (IoCs). The report also highlights Fortinet's protections against these threats and offers guidance on best practices for incident response and ransomware prevention.
Date
Published: April 29, 2024, 6:21 p.m.
Created: April 29, 2024, 6:21 p.m.
Modified: May 1, 2024, 11:06 p.m.
Indicators
8a10e0dc4994268ea33baecd5e89d1e2ddabef30afa09961257a4329669e857a
8939bfe20bc6476806d22c8edfcaba5c36f936b893b3de1c847558502654c82f
74b5e2d90daaf96657e4d3d800bb20bf189bb2cf487479ea0facaf6182e0d1d3
0e60d49a967599fab179f8c885d91db25016be996d66a4e00cbb197e5085efa4
1940fcdb2561c2f7b82f6c44d22a9906e5ffec2438d5dadfe88d1608f5f03c33
0adde4246aaa9fb3964d1d6cf3c29b1b13074015b250eb8e5591339f92e1e3ca
6d6134adfdf16c8ed9513aba40845b15bd314e085ef1d6bd20040afd42e36e40
Attack Patterns
KageNoHitobito
DarkRace
DoNex
KageNoHitobito and DoNex
T1578
T1490
T1137
T1018
T1489
T1486
T1070
T1105
T1083
T1071
T1204
T1027
T1053
T1059
Additional Informations
Sweden
Cuba
Chile
Belgium
Iran, Islamic Republic of
Lithuania
Taiwan
China
Netherlands
Italy
Peru
Germany
Romania
United Kingdom of Great Britain and Northern Ireland
United States of America