S0697Windows

S0697HermeticWiper

Platforms
1
ATT&CK
14.1
References
8

Description

[HermeticWiper](https://attack.mitre.org/software/S0697) is a data wiper that has been used since at least early 2022, primarily against Ukraine with additional activity observed in Latvia and Lithuania. Some sectors targeted include government, financial, defense, aviation, and IT services.(Citation: SentinelOne Hermetic Wiper February 2022)(Citation: Symantec Ukraine Wipers February 2022)(Citation: Crowdstrike DriveSlayer February 2022)(Citation: ESET Hermetic Wiper February 2022)(Citation: Qualys Hermetic Wiper March 2022)

Platforms· 1

Windows

References

  1. https://attack.mitre.org/software/S0697
  2. https://www.cisa.gov/uscert/ncas/alerts/aa22-057a
  3. https://www.crowdstrike.com/blog/how-to-decrypt-the-partyticket-ransomware-targeting-ukraine
  4. https://blog.qualys.com/vulnerabilities-threat-research/2022/03/01/ukrainian-targets-hit-by-hermeticwiper-new-datawiper-malware
  5. https://www.welivesecurity.com/2022/02/24/hermeticwiper-new-data-wiping-malware-hits-ukraine
  6. https://www.sentinelone.com/labs/hermetic-wiper-ukraine-under-attack
  7. https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/ukraine-wiper-malware-russia
  8. https://www.crowdstrike.com/blog/how-crowdstrike-falcon-protects-against-wiper-malware-used-in-ukraine-attacks/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
HermeticWizard
Software
CaddyWiper
Software
WhisperGate
Software
KillDisk
Software
NotPetya
Software
KillDisk Wiper
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.