HellCat Active

Jira exploitation specialist group
PDF Report Back to Groups
0
Total Victims
2024-10-01
First Seen
N/A
Last Seen
0
Known TTPs
20.1d
Avg Delay
0
Negotiations
ONION URLS
hellcakbszllztlyqbjzwcbdhfrodx55wq77kmftp4bhnhsnn5r3odad.onion
hellcatdcy653ma43t2ryf2ztw5yfanqsbfmapndbqvteh5itctoijyd.onion
hellcatdnrsu4i5uctbklunpfyv2ppiioh5sb3leu4dfgizinrve3gqd.onion
hellcatdohzngkuh7zruzhi2wojrawbnzbyzljtkw6iluv5ussfer4id.onion
hellcatdue7rasyoi4oh6t3fhra5bpcj5t6xmrm4vjicfqdvrl24ijid.onion
hellcatj6xgvho4qxnr2nbzzthsqel577i5wvzcpfjgavbo3d5l657id.onion
TOOLS
Jira exploits SliverC2
FILE EXTENSIONS
.hellcat
ACTIVITY TIMELINE
TOP SECTORS
TOP COUNTRIES
ACTIVITY HEATMAP
Date Victim Name Country Sector Status
No victims recorded

No TTPs data

No YARA rules

TypeValueDescriptionCopy
sha256 821394bb55a48e5672f4f5205bd4677663a7682499760d7eeef1cddc935a9116 Associated with HellCat ransomware
md5 2bd4976bfd00ccfe7cf5024a053cd51c Associated with HellCat ransomware
email contact283@airmail.cc Associated with HellCat ransomware
ip 178.39.72.4 Infrastructure linked to HellCat
sha1 637b5ae706bc5e29c03f2e27a8a112008442f224 Dropper hash observed in HellCat attacks
ip 219.211.228.135 C2 server IP - HellCat campaign

No ransom notes