Phoenix Locker Defunct

Evil Corp rebrand to evade sanctions. Similar to WastedLocker.
PDF Report Back to Groups
0
Total Victims
2021-03-01
First Seen
N/A
Last Seen
6
Known TTPs
14.9d
Avg Delay
0
Negotiations
ONION URLS
y7ru2uwjx2qcmmdnmgrhqknz6rzmd57miyycahrturevlmtlxi47c5i4.onion
TOOLS
IcedID MegaSync ngrok Mythic
FILE EXTENSIONS
.locked
ACTIVITY TIMELINE
TOP SECTORS
TOP COUNTRIES
ACTIVITY HEATMAP
Date Victim Name Country Sector Status
No victims recorded
Technique ID Technique Name Tactic
T1090 Proxy Command and Control
T1003.003 NTDS Credential Access
T1110.001 Password Guessing Credential Access
T1133 External Remote Services Initial Access
T1547.001 Registry Run Keys Persistence
T1068 Exploitation for Privilege Escalation Privilege Escalation

No YARA rules

No IoCs

No ransom notes