Project Relic Ransomware VS SentinelOne: Protection Demo

In this video demonstration, see how the SentinelOne Singularity XDR Platform protects against Project Relic, a semi-private Ransomware-as-a-Service (RaaS) threat that surfaced in mid-2022. Project Relic is known for its Golang-written payloads that specifically target Windows hosts. The multi-pronged extortion group has a particular interest in sectors such as medical and manufacturing, with affiliates demanding ransom payments that can exceed $2 million USD.12

Upon successful infection, Project Relic employs a comprehensive strategy to hinder detection and analysis by aggressively clearing Windows event logs. This is achieved through the execution of over 1,000 unique “wevtutil.exe cl” commands, each tailored to clear logs of specific applications or processes. The group also operates a TOR-based data leak site (DLS) to exert pressure on victims who do not comply with their demands, threatening to publish their stolen data.

The SentinelOne Singularity XDR Platform can identify and stop any malicious activities and items related to Project Relic Ransomware.

~Subscribe to our channels:~
Website: https://www.sentinelone.com/
LinkedIn: https://www.linkedin.com/company/sentinelone/
Twitter: https://twitter.com/SentinelOne
Facebook: https://www.facebook.com/SentinelOne
Instagram: https://www.instagram.com/sentinelsec/
Threads: https://www.threads.net/@sentinelsec