Loading IOCs…

{'added_date': '2025-03-09',
 'client': '2003264@sit.singaporetech.edu.sg',
 'description': None,
 'firstseen': '2025-03-05T16:56:13.970000+00:00',
 'group': 'crazyhunter',
 'has_negotiations': False,
 'has_ransomnote': False,
 'lastseen': '2025-03-30T22:06:51.119000+00:00',
 'locations': [{'available': False,
                'fqdn': '7i6sfmfvmqfaabjksckwrttu3nsbopl3xev2vbxbkghsivs5lqp4yeqd.onion',
                'slug': 'http://7i6sfmfvmqfaabjksckwrttu3nsbopl3xev2vbxbkghsivs5lqp4yeqd.onion:8088/api/v1/product?page=1&pageSize=20',
                'title': '',
                'type': 'API'}],
 'negotiation_count': 0,
 'ransomnotes_count': 0,
 'tiaras_metadata': {'has_negotiations': False,
                     'has_ransomnote': False,
                     'locations': [{'available': False,
                                    'fqdn': '7i6sfmfvmqfaabjksckwrttu3nsbopl3xev2vbxbkghsivs5lqp4yeqd.onion',
                                    'slug': 'http://7i6sfmfvmqfaabjksckwrttu3nsbopl3xev2vbxbkghsivs5lqp4yeqd.onion:8088/api/v1/product?page=1&pageSize=20',
                                    'title': '',
                                    'type': 'API'}],
                     'negotiation_count': 0,
                     'ransomnotes_count': 0,
                     'ransomware_live_group': 'crazyhunter',
                     'tools': {'CredentialTheft': [],
                               'DefenseEvasion': ['Zemana Anti-Rootkit driver',
                                                  'av-1m.exe (AV bypass)',
                                                  'go.exe / go2.exe (BYOVD '
                                                  'loader)'],
                               'DiscoveryEnum': [],
                               'Exfiltration': [],
                               'LOLBAS': [],
                               'Networking': [],
                               'Offsec': ['SharpGPOAbuse',
                                          'bb.exe (shellcode loader)',
                                          'Donut',
                                          'Prince Ransomware'],
                               'RMM-Tools': []},
                     'url': 'https://www.ransomware.live/group/crazyhunter',
                     'victims': 10,
                     'vulnerabilities': []},
 'tiaras_source': 'ransomware.live',
 'tools': {'CredentialTheft': [],
           'DefenseEvasion': ['Zemana Anti-Rootkit driver',
                              'av-1m.exe (AV bypass)',
                              'go.exe / go2.exe (BYOVD loader)'],
           'DiscoveryEnum': [],
           'Exfiltration': [],
           'LOLBAS': [],
           'Networking': [],
           'Offsec': ['SharpGPOAbuse',
                      'bb.exe (shellcode loader)',
                      'Donut',
                      'Prince Ransomware'],
           'RMM-Tools': []},
 'ttps': [],
 'url': 'https://www.ransomware.live/group/crazyhunter',
 'victims': 10,
 'vulnerabilities': []}