profile-img
The DFIR Report

@TheDFIRReport

Real Intrusions by Real Attackers, the Truth Behind the Intrusion.

Services: https://t.co/XW613EKt2w

calendar_today03-04-2020 01:33:43

1,2K Tweets

52,3K Followers

0 Following

The DFIR Report(@TheDFIRReport) 's Twitter Profile Photo
The DFIR Report
@TheDFIRReport

3 years ago

Another RDP brute force ransomware strikes again, this time, Snatch Team!

-Lateral movement via RDP
-C2 via Meterpreter/RDP Proxy via Tor
-Persistence via Scheduled Tasks
-Domain ransomed in less than 5 hours

MISP (@[email protected])

thedfirreport.com/2020/06/21/sna…

Another RDP brute force ransomware strikes again, this time, Snatch Team! -Lateral movement via RDP -C2 via Meterpreter/RDP Proxy via Tor -Persistence via Scheduled Tasks -Domain ransomed in less than 5 hours #infosec #malware @MISPProject thedfirreport.com/2020/06/21/sna…
account_circle