28 JULY 2020 MI-000130-MW WE NEED YOUR HELP! Indicators Associated with Netwalker Ransomware
Common Information
Type Value
UUID 568fdd7a-102d-470b-8762-e033758553e3
Fingerprint 608aced5e546485590283d7b661e3e4a942dc6b69f61b3a58de214681b3eff6b
Analysis status DONE
Considered CTI value 2
Text language
Published Sept. 28, 2020, 11:41 a.m.
Added to db April 14, 2024, 8:21 a.m.
Last updated Aug. 31, 2024, 1:49 a.m.
Detected Hints/Tags/Attributes 61/2/69
Attributes
Details Type #Events CTI Value
Details CVE 67
cve-2019-18935
Details File 3
qesw.exe
Details File 1
pw.exe
Details File 27
invoke-mimikatz.ps1
Details File 1
mimikatzn.exe
Details File 5
coronavirus_covid-19.vbs
Details File 4
wce.exe
Details File 1
invoke-mimikittenz.ps1
Details File 76
mimikatz.exe
Details File 17
t.exe
Details File 4
pwdump7.exe
Details File 4
dl.exe
Details File 1
rz.ps1
Details Url 8
https://www.fbi.gov
Details Url 3
https://www.fbi.gov/contact-us/field-offices.
Details Url 26
https://www.ic3.gov/pifsurvey