Space Bears Active

Data extortion focused group
PDF Report Back to Groups
0
Total Victims
2024-04-01
First Seen
N/A
Last Seen
0
Known TTPs
1.2d
Avg Delay
0
Negotiations
ONION URLS
5butbkrljkaorg5maepuca25oma7eiwo6a2rlhvkblb4v6mf3ki2ovid.onion
TOOLS
Rclone MegaSync
FILE EXTENSIONS
.spacebears
ACTIVITY TIMELINE
TOP SECTORS
TOP COUNTRIES
ACTIVITY HEATMAP
Date Victim Name Country Sector Status
No victims recorded

No TTPs data

No YARA rules

TypeValueDescriptionCopy
md5 3a9e89273303f862057c448e0d1e1f31 Malware sample hash - Space Bears campaign
btc bc1qrzkksbr60ohwbdd7abtjnwfvgx6aul68fexs71 Bitcoin ransom address - Space Bears campaign
sha1 2b6db0637608c6f59b0c9f73dd30dede7e3ad2a6 Infrastructure linked to Space Bears
sha1 57d4172a09be0dc23a6ac4b0d1eda6510cb199ac Infrastructure linked to Space Bears
email recover680@keemail.me Contact email observed in Space Bears attacks
md5 86026c0863d5cc630432e3a79cbdbcdb Malware sample hash - Space Bears campaign
email help589@firemail.cc Contact email - Space Bears campaign
btc bc1qzuon7cf0p2xw1peky4fqiig1p6jst5tiy6dz1l Infrastructure linked to Space Bears
tox B3A391C3142E2ABBCE94CFCFADEDBACBD7BD957F4ECFD73BF70E50DB71A8E21E7C23FD043316 Tox messenger ID - Space Bears campaign
sha256 2424eada875a443af6d49aacd827d1dc5264d66447048720dbbbdafd5c44aeef Ransomware binary hash - Space Bears campaign

No ransom notes