Dispossessor Defunct

Also known as: Radar
Targeted SMBs using re-posted data from other groups initially, then own operations.
PDF Report Back to Groups
0
Total Victims
2023-08-01
First Seen
N/A
Last Seen
14
Known TTPs
26.1d
Avg Delay
0
Negotiations
ONION URLS
e27z5kd2rjsern2gpgukhcioysqlfquxgf7rxpvcwepxl4lfc736piyd.onion
TOOLS
LockBit affiliate
FILE EXTENSIONS
.dispossessor
ACTIVITY TIMELINE
TOP SECTORS
TOP COUNTRIES
ACTIVITY HEATMAP
Date Victim Name Country Sector Status
No victims recorded
Technique ID Technique Name Tactic
T1560.001 Archive via Utility Collection
T1071.001 Web Protocols Command and Control
T1219 Remote Access Software Command and Control
T1110.001 Password Guessing Credential Access
T1558.003 Kerberoasting Credential Access
T1036.005 Match Legitimate Name or Location Defense Evasion
T1218.011 Rundll32 Defense Evasion
T1562.004 Disable or Modify System Firewall Defense Evasion
T1562.009 Safe Mode Boot Defense Evasion
T1016 System Network Configuration Discovery Discovery
T1018 Remote System Discovery Discovery
T1135 Network Share Discovery Discovery
T1059.001 PowerShell Execution
T1080 Taint Shared Content Lateral Movement

No YARA rules

No IoCs

No ransom notes