Qilin

MITRE

Malware Type:
Other

First seen:
Unknown

Last seen:
Unknown

Details:

[Qilin](https://attack.mitre.org/software/S1242) ransomware is a Ransomware-as-a-Service (RaaS) that has been active since at least 2022 with versions written in Golang and Rust that are capable of targeting Windows or VMWare ESXi devices. [Qilin](https://attack.mitre.org/software/S1242) shares functionality overlaps with [Black Basta](https://attack.mitre.org/software/S1070), [REvil](https://attack.mitre.org/software/S0496), and [BlackCat](https://attack.mitre.org/software/S1068) ransomware and its RaaS affiliates have been observed targeting multiple sectors worldwide, including healthcare and education in Asia, Europe, and Africa. (Citation: Trend Micro Agenda Ransomware AUG 2022)(Citation: SentinelOne Qilin NOV 2022)(Citation: BushidoToken Qilin RaaS JUN 2024)(Citation: Sophos Qilin MSP APR 2025)

Associated Techniques (40)

ID	ATT&CK	Tactics
T1003.001	LSASS Memory	-
T1007	System Service Discovery	-
T1012	Query Registry	-
T1016	System Network Configuration Discovery	-
T1018	Remote System Discovery	-
T1021.002	SMB/Windows Admin Shares	-
T1027.013	Encrypted/Encoded File	-
T1053.005	Scheduled Task	-
T1055.001	Dynamic-link Library Injection	-
T1057	Process Discovery	-
T1059.001	PowerShell	-
T1070.001	Clear Windows Event Logs	-
T1070.004	File Deletion	-
T1083	File and Directory Discovery	-
T1087.001	Local Account	-

Aliases (196)

Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda Agenda

Used by Actors (2)

Moonstone Sleet
Unknown

Water Galura
Unknown

Metadata

ID:	621
Created:	13/01/2026 17:48
Updated:	21/04/2026 16:00