Bablock Rorschach

Malware updated 10 months ago (2024-01-10T14:25:38.971Z)
BabLock Rorschach is malicious software (malware), specifically classified as ransomware. This type of malware is designed to infiltrate your computer system, often without your knowledge, through suspicious downloads, emails, or websites. Once it has access, it can steal personal information, disrupt operations, or hold data hostage for ransom. BabLock Rorschach employs various methods to infiltrate and move laterally within systems, making it particularly dangerous.

The malware's infiltration tactics include the transfer of the ransomware over HTTP/S (#9011) and emailing the ransomware as a compressed attachment (#9013). These methods allow the malware to bypass initial security measures and gain entry into the target system.

Post-infiltration, BabLock Rorschach continues its attack by moving laterally within the network. It achieves this by again transferring itself over HTTP/S (#9010) and sending itself as a compressed email attachment (#9012), thereby spreading across multiple devices or networks connected to the original infected system.

Lastly, BabLock Rorschach writes itself to disk at the host level (#9009), an automated process that ensures persistence in the infected system. This means that even if initial traces of the malware are found and removed, the malware may still remain active on the system, continuing to cause damage and disruption.

In summary, BabLock Rorschach is a sophisticated piece of ransomware that uses a variety of methods to infiltrate, spread, and persist within targeted systems.
Description last updated: 2023-10-10T19:41:35.458Z
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Source Document References
Information about the Bablock Rorschach Malware was read from the documents corpus below.