IOC pivot
ioc · sha-256
b5978cf7d0c275d09bedf09f07667e139ad7fed8f9e47742e08c914c5cf44a53
RU · Russia
RomCom
confidence · high
ROMCOM RAT sample observed by Palo Alto Networks Unit 42 in the August 2022 Tropical Scorpius / Cuba ransomware intrusions - the first public attribution of the backdoor to this operator.
- family: RomCom RAT
- first seen: Jul 31, 2022
- publisher: Palo Alto Networks Unit 42