Sunday, December 31, 2023

Smoke and Mirrors: Understanding The Workings of Wazawaka

The "Smoke and Mirrors: Understanding The Workings of Wazawaka" report provides a detailed analysis of Wazawaka, also known as Mikhail Pavlovich Matveev, and his alleged involvement in cybercriminal activities. The report delves into Wazawaka's background, affiliations, and tactics within the threat landscape, shedding light on his team and close relations with other threat actors. It is suggested that the contents of the report can be used as admissible proof before legal authorities. Wazawaka has recently gained prominence within the Threat Intelligence (TI) community, raising concerns across the cyber realm. The research is aimed at information security leaders seeking to enhance their risk management. The report is significant for understanding the dynamics of the digital threat landscape and the individuals and groups operating within it.

REFERENCES

  • https://resources.prodaft.com/wazawaka-report
  • https://cert.gov.ua/article/3761104
  • https://25491742.fs1.hubspotusercontent-eu1.net/hubfs/25491742/WAZAWAKA_TLPCLEAR_Report.pdf
  • https://otx.alienvault.com/pulse/658b00f1732e5418858a1b63

TAGS

ransomware, monti, tor, lockbit, raas, trigona, conti, vpn brute force, powershell

