Seth-Locker
Seth-Locker is a ransomware with some remote control capabilities that has been in use since at least 2021.[1]
ID: S0639
ⓘ
Type: MALWARE
ⓘ
Platforms: Windows
Version: 1.0
Created: 13 August 2021
Last Modified: 13 October 2021
Techniques Used
| Domain | ID | Name | Use | |
|---|---|---|---|---|
| Enterprise | T1059 | .003 | 命令与脚本解释器: Windows Command Shell |
Seth-Locker can execute commands via the command line shell.[1] |
| Enterprise | T1486 | 数据加密以实现影响 |
Seth-Locker can encrypt files on a targeted system, appending them with the suffix .seth.[1] |
|
| Enterprise | T1105 | 输入工具传输 |
Seth-Locker has the ability to download and execute files on a compromised host.[1] |
|