Red Ransomware Active

New entrant in the RaaS ecosystem targeting European businesses.
PDF Report Back to Groups
0
Total Victims
2024-09-01
First Seen
N/A
Last Seen
25
Known TTPs
23.4d
Avg Delay
0
Negotiations
ONION URLS
33zo6hifw4usofzdnz74fm2zmhd3zsknog5jboqdgblcbwrmpcqzzbid.onion
TOOLS
Custom C++ tools
FILE EXTENSIONS
.red
ACTIVITY TIMELINE
TOP SECTORS
TOP COUNTRIES
ACTIVITY HEATMAP
Date Victim Name Country Sector Status
No victims recorded
Technique ID Technique Name Tactic
T1005 Data from Local System Collection
T1074.001 Local Data Staging Collection
T1219 Remote Access Software Command and Control
T1572 Protocol Tunneling Command and Control
T1003.001 LSASS Memory Credential Access
T1003.003 NTDS Credential Access
T1110.001 Password Guessing Credential Access
T1070.004 File Deletion Defense Evasion
T1218.011 Rundll32 Defense Evasion
T1082 System Information Discovery Discovery
T1087 Account Discovery Discovery
T1059.001 PowerShell Execution
T1059.003 Windows Command Shell Execution
T1204.002 Malicious File Execution
T1491.001 Internal Defacement Impact
T1531 Account Access Removal Impact
T1078 Valid Accounts Initial Access
T1133 External Remote Services Initial Access
T1195.002 Compromise Software Supply Chain Initial Access
T1566.001 Spearphishing Attachment Initial Access
T1566.002 Spearphishing Link Initial Access
T1021.001 Remote Desktop Protocol Lateral Movement
T1021.004 SSH Lateral Movement
T1098 Account Manipulation Persistence
T1547.001 Registry Run Keys Persistence

No YARA rules

No IoCs

No ransom notes