CREATED 2 HOURS AGO by AlienVaultPublic
TLP: White
SentinelOne Labs takes a look at Conti’s development over time and how it has evolved, comparing functionality across versions.
REFERENCE: https://assets.sentinelone.com/ransomware-enterprise/conti-ransomware-unpacked
TAGS: conti, ransomware
MALWARE FAMILY: Conti Ransomware
ATT&CK IDS: T1001 – Data Obfuscation, T1471 – Data Encrypted for Impact, T1407 – Download New Code at Runtime, T1424 – Process Discovery, T1489 – Service Stop, T1049 – System Network Connections Discovery, T1059 – Command and Scripting Interpreter