HermeticRansom

Description

(Kaspersky) On February 24, 2022, Avast Threat Research published a tweet announcing the discovery of new Golang ransomware, which they called HermeticRansom. This malware was found around the same time the HermeticWiper was found, and based on publicly available information from security community it was used in recent cyberattacks in Ukraine. The new ransomware was likely used as a smokescreen for the HermeticWiper attack due to its non-sophisticated style and poor implementation.

Names

Name
HermeticRansom
PartyTicket
Elections GoRansom
SonicVote

Type

Ransomware

Information

https://securelist.com/elections-goransom-and-hermeticwiper-attack/105960/
https://www.welivesecurity.com/2022/03/01/isaacwiper-hermeticwizard-wiper-worm-targeting-ukraine/
https://www.sentinelone.com/labs/hermetic-wiper-ukraine-under-attack/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.partyticket

Playbook

https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-hermeticransom-victims-in-ukraine/

Other Information

Uuid

306fecbd-0510-4b7e-8f15-6aa4f5f69efd

Last Card Change

2022-12-27

Threat Intelligence Garden

Explorer

HermeticRansom

HermeticRansom

Description

Names

Category

Type

Information

Malpedia

Playbook

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks