Prestige Ransomware
Released: Oct 18, 2022
Targeting organizations in Ukraine and Poland.
Researchers at Microsoft Threat Intelligence Center (MSTIC) have identified evidence of a novel ransomware campaign targeting organizations in the transportation and logistics industries in Ukraine and Poland. According to the report, the new ransomware identifies itself in its ransom note as “Prestige ranusomeware”.
Background
Prestige ransomware is deployed with techniques similar to those used in recent destructive attacks leveraging AprilAxe (ArguePatch)/CaddyWiper or Foxblade (HermeticWiper).
Latest Development
Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.
FortiGuard has Antivirus detection coverage for the malware as W32/Filecoder.OMM!tr.ransom. The ANN and Sandbox behavioural detection engine detects the malware as high risk.
On October 14, 2022, Microsoft Security released a blog post: https://www.microsoft.com/security/blog/2022/10/14/new-prestige-ransomware-impacts-organizations-in-ukraine-and-poland/
FortiGuard Cybersecurity Framework
Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.
- Decoy VM: Detects activity related to Prestige ransomware
- AV: Detects Prestige ransomware payloads
- AV (Pre-filter): Detects Prestige ransomware payloads
- Behavior Detection: Detects Prestige ransomware payloads as high risk
- ANN: Artificial Neural Networks (ANN) engine detects the known hashes
- Web Filter: Detects known URLs, IPs and domains related to Prestige ransomware
- Anti-ransomware: Blocks suspicious process activity related to Prestige ransomware
- Botnet C&C: Detects traffic to known C&C domains
- Threat Hunting
- IOC
- Outbreak Detection
- Content Update
- Automated Response: Services that can automatically respond to this outbreak.
- Assisted Response Services: Experts to assist you with analysis, containment and response activities.
- InfoSec Services: Security readiness and awareness training for SOC teams, InfoSec and general employees.
- Attack Surface Monitoring (Inside & Outside): Security reconnaissance and penetration testing services, covering both internal & external attack vectors, including those introduced internally via software supply chain.
Threat Intelligence
Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.
Indicators of compromise
IOC Indicator List