Sodinokibi Ransomware Hash List

Fortify Security Team
Mar 4, 2021

Threat actors using the Sodinokibi ransomware made “at least” $123 million in 2020, stealing roughly 21.6 terabytes of data. Sodinokibi was the most-used ransomware observed by the researchers, accounting for 22% of all incidents in 2020.


 
