Microsoft Word - Cuba Ransomware FLASH NOV11292021(1)
Common Information
Type Value
UUID 877b074f-0158-48c1-82f5-ce406c3be94d
Fingerprint 40ff627472507ba9344ec4b44ab289fc233b7bd870371f81371882be83d8e7f7
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 2, 2021, 5:25 p.m.
Added to db March 10, 2024, 3:51 a.m.
Last updated Aug. 31, 2024, 8:14 a.m.
Headline Microsoft Word - Cuba Ransomware FLASH NOV11292021(1)
Title Microsoft Word - Cuba Ransomware FLASH NOV11292021(1)
Detected Hints/Tags/Attributes 94/3/80
Attributes
Details Type #Events CTI Value
Details Url 5
https://www.stopransomware.gov
Details Url 26
https://www.ic3.gov/pifsurvey