[ MALWARE MUTEX INTELLIGENCE DATABASE ]
 ███████╗██╗   ██╗██╗██╗         ███╗   ███╗██╗   ██╗████████╗███████╗██╗  ██╗
 ██╔════╝██║   ██║██║██║         ████╗ ████║██║   ██║╚══██╔══╝██╔════╝╚██╗██╔╝
█████╗  ██║   ██║██║██║         ██╔████╔██║██║   ██║   ██║   █████╗   ╚███╔╝
██╔══╝  ╚██╗ ██╔╝██║██║         ██║╚██╔╝██║██║   ██║   ██║   ██╔══╝   ██╔██╗
 ███████╗ ╚████╔╝ ██║███████╗    ██║ ╚═╝ ██║╚██████╔╝   ██║   ███████╗██╔╝ ██╗
 ╚══════╝  ╚═══╝  ╚═╝╚══════╝    ╚═╝     ╚═╝ ╚═════╝    ╚═╝   ╚══════╝╚═╝  ╚═╝

Advanced Malware Analysis & Threat Intelligence

06:17:11
[ALL_FAMILIES]

Surtr

ransomware1 mutex signatures

[BASIC_INFORMATION]

FAMILY_NAME:
Surtr
CATEGORY:
RANSOMWARE
DESCRIPTION:
Surtr is a ransomware family that has been observed in various cybercriminal campaigns. The malware is designed to encrypt files on victim systems and demand payment for decryption. It is known for its tribute to REvil and employs sophisticated encryption and evasion techniques.
ALIASES:
Surtr Ransomware
TAGS:
file_encryptionextortioncybercriminalrevil_tributeevasion_techniques

[MUTEX_SIGNATURES](1)

[MUTEX_01]
SurtrMUTEX
ANALYST: @adhikara13 DATE: 2024-07-16
REFERENCES:
https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/ransom.win64.surtr.a
https://areteir.com/article/surtr-ransomware-pays-tribute-to-revil/
https://malgamy.github.io/malware-analysis/YARA_Surtr_Ransomware/
https://www.piolink.com/_dev/data/file/security/ckm921ke7j3wzr8.pdf

[QUICK_ACTIONS]

[THREAT_INTELLIGENCE]

ATTRIBUTION:
Unknown
FIRST_OBSERVED:
2024

[SIGMA_RULE]

[STATISTICS]
MUTEX_COUNT:1
THREAT_ACTORS:1
ALIASES:1
TAGS:5
CATEGORY:RANSOMWARE
 Malware profile loaded successfully 
 EvilMutex Project v1.0.0 
 Open Source Threat Intelligence Database 
[GITHUB][DOCS]