[ MALWARE MUTEX INTELLIGENCE DATABASE ]
 ███████╗██╗   ██╗██╗██╗         ███╗   ███╗██╗   ██╗████████╗███████╗██╗  ██╗
 ██╔════╝██║   ██║██║██║         ████╗ ████║██║   ██║╚══██╔══╝██╔════╝╚██╗██╔╝
█████╗  ██║   ██║██║██║         ██╔████╔██║██║   ██║   ██║   █████╗   ╚███╔╝
██╔══╝  ╚██╗ ██╔╝██║██║         ██║╚██╔╝██║██║   ██║   ██║   ██╔══╝   ██╔██╗
 ███████╗ ╚████╔╝ ██║███████╗    ██║ ╚═╝ ██║╚██████╔╝   ██║   ███████╗██╔╝ ██╗
 ╚══════╝  ╚═══╝  ╚═╝╚══════╝    ╚═╝     ╚═╝ ╚═════╝    ╚═╝   ╚══════╝╚═╝  ╚═╝

Advanced Malware Analysis & Threat Intelligence

06:17:10
[ALL_FAMILIES]

Fog

ransomware2 mutex signatures

[BASIC_INFORMATION]

FAMILY_NAME:
Fog
CATEGORY:
RANSOMWARE
DESCRIPTION:
Fog is a ransomware family that has been observed in various cybercriminal campaigns. The malware is designed to encrypt files on victim systems and demand payment for decryption. It employs sophisticated encryption techniques and has been analyzed by multiple security researchers for its evasion capabilities and attack patterns.
ALIASES:
Fog Ransomware
TAGS:
file_encryptionextortioncybercriminalevasion_techniques

[MUTEX_SIGNATURES](2)

[MUTEX_01]
6jSf6QFH0VGR5XL4RGYarc5YVpB4W1H3
ANALYST: @adhikara13 DATE: 2024-07-16
REFERENCES:
https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/ransom.win32.fog.thdodbe
https://app.threat.zone/submission/efe469fe-d299-42d0-baf0-c01a2f5af95d/dynamic-scan-report/behaviour/mutex
[MUTEX_02]
BgGnsEdRrztEhEfg0vF8ZaFPYtoyg4lDQ
ANALYST: @adhikara13 DATE: 2024-07-16
REFERENCES:
https://www.ionsec.io/resources/clearing-the-mist-unveiling-fog-ransomware

[QUICK_ACTIONS]

[THREAT_INTELLIGENCE]

ATTRIBUTION:
Unknown
FIRST_OBSERVED:
2024

[SIGMA_RULE]

[STATISTICS]
MUTEX_COUNT:2
THREAT_ACTORS:1
ALIASES:1
TAGS:4
CATEGORY:RANSOMWARE
 Malware profile loaded successfully 
 EvilMutex Project v1.0.0 
 Open Source Threat Intelligence Database 
[GITHUB][DOCS]