S0618Windows

S0618FIVEHANDS

Platforms
1
ATT&CK
14.1
References
3

Description

[FIVEHANDS](https://attack.mitre.org/software/S0618) is a customized version of [DEATHRANSOM](https://attack.mitre.org/software/S0616) ransomware written in C++. [FIVEHANDS](https://attack.mitre.org/software/S0618) has been used since at least 2021, including in Ransomware-as-a-Service (RaaS) campaigns, sometimes along with [SombRAT](https://attack.mitre.org/software/S0615).(Citation: FireEye FiveHands April 2021)(Citation: NCC Group Fivehands June 2021)

Platforms· 1

Windows

References

  1. https://attack.mitre.org/software/S0618
  2. https://www.fireeye.com/blog/threat-research/2021/04/unc2447-sombrat-and-fivehands-ransomware-sophisticated-financial-threat.html
  3. https://research.nccgroup.com/2021/06/15/handy-guide-to-a-new-fivehands-ransomware-variant/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
DEATHRANSOM
Software
SombRAT
Software
HELLOKITTY
Software
EKANS
Software
Pay2Key
Software
5ss5c(5ss5cCrypt)
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.