I need to find more information related to Mamba ransomware to reverse it. I am specifically looking for IOCs in the form of SHA values, IPs, URLs, etc. Any related information would be very much appreciated.
Thanks in advance.
This ransomware propagated mostly through spearphishing campaigns. The malicious code, once downloaded, starts working by encrypting system drives. Then comes a ransom page threatening the victim to delete all the encrypted files until a ransom, mostly in the form of bitcoin, is paid to the attacker.
I think this is what you are looking for:
https://www.talentcookie.com/2017/08/mamba-ransomware-back/