A friend recently got hit with Dever ransomware. The attacker appears to have been active for 14 minutes, dropping tools such as Mimikatz and Lazagne and then launching Dever ransomware which included SMB scanning, persistence mechanisms and lateral movement. See the timeline, summary and IOCs below

A friend recently got hit with Dever ransomware. The attacker appears to have been active for 14 minutes, dropping tools such as Mimikatz and Lazagne and then launching Dever ransomware which included SMB scanning, persistence mechanisms and lateral movement. See the timeline, summary and IOCs below
top scoring links : multi

Related posts

Leave a Comment