Rook

Description

Ransomware.

External Analysis
https://blog.cyble.com/2022/03/15/deep-dive-analysis-pandora-ransomware/
https://chuongdong.com/reverse%20engineering/2022/01/06/RookRansomware/
https://github.com/Dump-GUY/Malware-analysis-and-Reverse-engineering/blob/main/NightSky_Ransomware%E2%80%93just_a_Rook_RW_fork_in_VMProtect_suit/NightSky_Ransomware%E2%80%93just_a_Rook_RW_fork_in_VMProtect_suit.md
https://seguranca-informatica.pt/rook-ransomware-analysis/
https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
https://www.secureworks.com/research/bronze-starlight-ransomware-operations-use-hui-loader
https://www.sentinelone.com/labs/new-rook-ransomware-feeds-off-the-code-of-babuk/
Urls
http://gamol6n6p2p4c3ad7gxmx3ur7wwdwlywebo2azv3vv5qlmjmole2zbyd.onion
File servers
Chat servers

Posts

| Date | Title |
| --- | --- |
| 2022-01-08 | Abdi ibrahim |
| 2021-12-29 | "Отбасы" Тұрғын үй құрылыс жинақ банкі АҚ |
| 2021-12-28 | Evalueserve |
| 2021-12-28 | DENSO |
| 2021-12-28 | Data breach summary |
| 2021-12-18 | Rossell Techsys(Data will be given tomorrow) |
| 2021-12-18 | KMG Prestige, Inc. (Data will be given tomorrow) |
| 2021-12-18 | KMG Prestige, Inc. |
| 2021-12-14 | Rosendahl Design Group |
| 2021-12-14 | Rossell Techsys |
| 2021-12-07 | KMG Prestige, Inc. |