|Sodinokibi
Common Information
| Type | Value |
|---|---|
| UUID | 879af835-b3d3-42a3-ba78-e1d8465eae6a |
| Fingerprint | 6c969a1ab5794cff5da171a8a8232f6e75aacc6f7817483ed62f1156dda97bf4 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | July 10, 2020, 10:26 a.m. |
| Added to db | April 14, 2024, 9:36 a.m. |
| Last updated | Aug. 31, 2024, 6:58 a.m. |
| Headline | |Sodinokibi |
| Title | |Sodinokibi |
| Detected Hints/Tags/Attributes | 84/4/52 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 49 | cve-2018-8453 |
|
| Details | Domain | 10 | pandasecurity.com |
|
| Details | Domain | 2 | noticiasseguridad.com |
|
| Details | Domain | 1 | suitesartemis.gr |
|
| Details | Domain | 1 | rename.kz |
|
| Details | Domain | 1 | jefersonalessandro.com |
|
| Details | Domain | 1 | banukumbak.com |
|
| Details | Domain | 1 | pourlabretagne.bzh |
|
| Details | Domain | 1 | azerbaycanas.com |
|
| Details | Domain | 1 | lesyeuxbleus.net |
|
| Details | Domain | 1 | brannbornfastigheter.se |
|
| Details | Domain | 1 | kryddersnapsen.dk |
|
| Details | Domain | 1 | www.hoyaragon.es |
|
| Details | Domain | 103 | www.mcafee.com |
|
| Details | Domain | 145 | threatpost.com |
|
| Details | Domain | 16 | www.pandasecurity.com |
|
| Details | Domain | 6 | www.watchguard.com |
|
| Details | File | 376 | wscript.exe |
|
| Details | File | 2 | jurhrtcbvj.tmp |
|
| Details | File | 27 | computerdefaults.exe |
|
| Details | File | 1260 | explorer.exe |
|
| Details | File | 54 | mmc.exe |
|
| Details | File | 229 | advapi32.dll |
|
| Details | File | 15 | win32kfull.sys |
|
| Details | File | 115 | win32k.sys |
|
| Details | File | 65 | info.txt |
|
| Details | File | 9 | mysql.exe |
|
| Details | File | 345 | vssadmin.exe |
|
| Details | File | 1 | zaoi6xao08r.bmp |
|
| Details | File | 1 | álbum.mp3 |
|
| Details | md5 | 1 | 3E974B7347D347AE31C1B11C05A667E2 |
|
| Details | md5 | 1 | B488BDEEAEDA94A273E4746DB0082841 |
|
| Details | md5 | 1 | BED6FC04AEB785815744706239A1F243 |
|
| Details | md5 | 1 | 1CE1CA85BFF4517A1EF7E8F9A7C22B16 |
|
| Details | md5 | 1 | 1524B237E65D52AA7E2ADD5DBDCC7C05 |
|
| Details | md5 | 1 | A81961697199A3F9524A0F874E281612 |
|
| Details | md5 | 1 | 512B538CE2C40112009383AE70331DCF |
|
| Details | md5 | 1 | E6566F78ABF3075EBEA6FD037803E176 |
|
| Details | IPv4 | 2 | 5.3.1.1 |
|
| Details | IPv4 | 3 | 5.3.2.1 |
|
| Details | IPv4 | 2 | 5.3.2.2 |
|
| Details | IPv4 | 2 | 5.3.2.3 |
|
| Details | IPv4 | 2 | 5.3.2.4 |
|
| Details | IPv4 | 2 | 5.3.2.5 |
|
| Details | IPv4 | 17 | 5.3.2.6 |
|
| Details | IPv4 | 1 | 5.3.2.7 |
|
| Details | IPv4 | 1 | 5.3.2.8 |
|
| Details | IPv4 | 1 | 5.3.2.9 |
|
| Details | Url | 1 | https://noticiasseguridad.com/hacking- |
|
| Details | Url | 1 | https://www.mcafee.com/blogs/other-blogs/mcafee-labs/mcafee-atr-analyzes-sodinokibi-aka-revil- |
|
| Details | Url | 1 | https://threatpost.com/threatlist-ransomware-costs-double-in-q4-sodinokibi-dominates/152200 |
|
| Details | Url | 1 | https://www.pandasecurity.com/business |