A Comprehensive Guide to Detect Ransomware
Common Information
| Type | Value |
|---|---|
| UUID | 9832d6fb-aee1-4231-8a7b-441124db7f10 |
| Fingerprint | 5037d5011f4527f0c3946e148e806d4429791d2b573391c802c133d348de4357 |
| Analysis status | DONE |
| Considered CTI value | -2 |
| Text language | |
| Published | April 26, 2023, 9:13 a.m. |
| Added to db | June 5, 2024, 1:32 p.m. |
| Last updated | Aug. 31, 2024, 8:32 a.m. |
| Headline | A Comprehensive Guide to Detect Ransomware |
| Title | A Comprehensive Guide to Detect Ransomware |
| Detected Hints/Tags/Attributes | 478/4/207 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 31 | cve-2021-22986 |
|
| Details | CVE | 26 | cve-2021-36942 |
|
| Details | CVE | 17 | cve-2022-36537 |
|
| Details | CVE | 10 | cve-2021-20028 |
|
| Details | CVE | 168 | cve-2021-34473 |
|
| Details | CVE | 142 | cve-2021-34523 |
|
| Details | CVE | 2 | cve-2021-3120 |
|
| Details | CVE | 184 | cve-2021-26855 |
|
| Details | CVE | 90 | cve-2021-26857 |
|
| Details | CVE | 92 | cve-2021-26858 |
|
| Details | CVE | 2 | cve-2021-2706 |
|
| Details | CVE | 143 | cve-2021-31207 |
|
| Details | CVE | 3 | cve-2020-1281 |
|
| Details | CVE | 20 | cve-2021-27101 |
|
| Details | CVE | 17 | cve-2021-27104 |
|
| Details | CVE | 17 | cve-2021-27103 |
|
| Details | CVE | 3 | cve-2021-2710 |
|
| Details | CVE | 63 | cve-2020-0796 |
|
| Details | CVE | 25 | cve-2020-0609 |
|
| Details | CVE | 71 | cve-2020-0688 |
|
| Details | CVE | 52 | cve-2021-21972 |
|
| Details | CVE | 22 | cve-2021-21985 |
|
| Details | CVE | 26 | cve-2021-22005 |
|
| Details | CVE | 2 | cve-2021-2685 |
|
| Details | CVE | 20 | cve-2020-0610 |
|
| Details | CVE | 4 | cve-2020-16896 |
|
| Details | CVE | 3 | cve-2019-1489 |
|
| Details | CVE | 7 | cve-2019-1225 |
|
| Details | CVE | 5 | cve-2019-1224 |
|
| Details | CVE | 4 | cve-2019-1108 |
|
| Details | Domain | 22 | www.logpoint.com |
|
| Details | Domain | 75 | tria.ge |
|
| Details | Domain | 70 | evil.com |
|
| Details | Domain | 6 | domain.name |
|
| Details | Domain | 10 | userstorage.mega.co.nz |
|
| Details | Domain | 77 | mega.nz |
|
| Details | Domain | 10 | mega.co.nz |
|
| Details | File | 39 | www.log |
|
| Details | File | 456 | mshta.exe |
|
| Details | File | 249 | schtasks.exe |
|
| Details | File | 2125 | cmd.exe |
|
| Details | File | 5 | c:\windows\temp\ttsel.exe |
|
| Details | File | 409 | c:\windows\system32\cmd.exe |
|
| Details | File | 165 | reg.exe |
|
| Details | File | 97 | mpcmdrun.exe |
|
| Details | File | 256 | net.exe |
|
| Details | File | 1208 | powershell.exe |
|
| Details | File | 23 | 'wevtutil.exe |
|
| Details | File | 95 | wevtutil.exe |
|
| Details | File | 27 | procdump.exe |
|
| Details | File | 478 | lsass.exe |
|
| Details | File | 38 | lsass.dmp |
|
| Details | File | 59 | ntdsutil.exe |
|
| Details | File | 6 | sysinfo.exe |
|
| Details | File | 61 | systeminfo.exe |
|
| Details | File | 40 | netscan.exe |
|
| Details | File | 23 | payload.dll |
|
| Details | File | 122 | psexec.exe |
|
| Details | File | 1018 | rundll32.exe |
|
| Details | File | 55 | payload.exe |
|
| Details | File | 2 | notmalware.exe |
|
| Details | File | 37 | rclone.exe |
|
| Details | File | 118 | sc.exe |
|
| Details | File | 35 | pwsh.exe |
|
| Details | File | 4 | meg.exe |
|
| Details | File | 1260 | explorer.exe |
|
| Details | File | 2 | c:\windows\temp\meg.exe |
|
| Details | MITRE ATT&CK Techniques | 56 | T1595.002 |
|
| Details | MITRE ATT&CK Techniques | 16 | T1589.001 |
|
| Details | MITRE ATT&CK Techniques | 542 | T1190 |
|
| Details | MITRE ATT&CK Techniques | 310 | T1566.001 |
|
| Details | MITRE ATT&CK Techniques | 183 | T1566.002 |
|
| Details | MITRE ATT&CK Techniques | 306 | T1078 |
|
| Details | MITRE ATT&CK Techniques | 183 | T1189 |
|
| Details | MITRE ATT&CK Techniques | 71 | T1078.002 |
|
| Details | MITRE ATT&CK Techniques | 191 | T1133 |
|
| Details | MITRE ATT&CK Techniques | 333 | T1059.003 |
|
| Details | MITRE ATT&CK Techniques | 460 | T1059.001 |
|
| Details | MITRE ATT&CK Techniques | 365 | T1204.002 |
|
| Details | MITRE ATT&CK Techniques | 310 | T1047 |
|
| Details | MITRE ATT&CK Techniques | 239 | T1106 |
|
| Details | MITRE ATT&CK Techniques | 174 | T1569.002 |
|
| Details | MITRE ATT&CK Techniques | 480 | T1053 |
|
| Details | MITRE ATT&CK Techniques | 106 | T1204.001 |
|
| Details | MITRE ATT&CK Techniques | 93 | T1059.007 |
|
| Details | MITRE ATT&CK Techniques | 31 | T1559.001 |
|
| Details | MITRE ATT&CK Techniques | 59 | T1588.002 |
|
| Details | MITRE ATT&CK Techniques | 96 | T1587.001 |
|
| Details | MITRE ATT&CK Techniques | 380 | T1547.001 |
|
| Details | MITRE ATT&CK Techniques | 51 | T1136.001 |
|
| Details | MITRE ATT&CK Techniques | 227 | T1574.002 |
|
| Details | MITRE ATT&CK Techniques | 67 | T1505 |
|
| Details | MITRE ATT&CK Techniques | 11 | T1546.011 |
|
| Details | MITRE ATT&CK Techniques | 40 | T1197 |
|
| Details | MITRE ATT&CK Techniques | 86 | T1548.002 |
|
| Details | MITRE ATT&CK Techniques | 59 | T1055.001 |
|
| Details | MITRE ATT&CK Techniques | 24 | T1134.002 |
|
| Details | MITRE ATT&CK Techniques | 44 | T1134.001 |
|
| Details | MITRE ATT&CK Techniques | 29 | T1484.001 |
|
| Details | MITRE ATT&CK Techniques | 440 | T1055 |
|
| Details | MITRE ATT&CK Techniques | 504 | T1140 |
|
| Details | MITRE ATT&CK Techniques | 298 | T1562.001 |
|
| Details | MITRE ATT&CK Techniques | 550 | T1112 |
|
| Details | MITRE ATT&CK Techniques | 160 | T1027.002 |
|
| Details | MITRE ATT&CK Techniques | 238 | T1497 |
|
| Details | MITRE ATT&CK Techniques | 92 | T1070.001 |
|
| Details | MITRE ATT&CK Techniques | 55 | T1553.002 |
|
| Details | MITRE ATT&CK Techniques | 627 | T1027 |
|
| Details | MITRE ATT&CK Techniques | 44 | T1218.010 |
|
| Details | MITRE ATT&CK Techniques | 348 | T1036 |
|
| Details | MITRE ATT&CK Techniques | 39 | T1218.007 |
|
| Details | MITRE ATT&CK Techniques | 119 | T1218.011 |
|
| Details | MITRE ATT&CK Techniques | 57 | T1036.004 |
|
| Details | MITRE ATT&CK Techniques | 25 | T1553.005 |
|
| Details | MITRE ATT&CK Techniques | 28 | T1562.009 |
|
| Details | MITRE ATT&CK Techniques | 247 | T1070 |
|
| Details | MITRE ATT&CK Techniques | 121 | T1218 |
|
| Details | MITRE ATT&CK Techniques | 173 | T1003.001 |
|
| Details | MITRE ATT&CK Techniques | 2 | T1555.033 |
|
| Details | MITRE ATT&CK Techniques | 89 | T1552.001 |
|
| Details | MITRE ATT&CK Techniques | 125 | T1110 |
|
| Details | MITRE ATT&CK Techniques | 36 | T1558.003 |
|
| Details | MITRE ATT&CK Techniques | 44 | T1110.001 |
|
| Details | MITRE ATT&CK Techniques | 289 | T1003 |
|
| Details | MITRE ATT&CK Techniques | 113 | T1552 |
|
| Details | MITRE ATT&CK Techniques | 172 | T1555 |
|
| Details | MITRE ATT&CK Techniques | 585 | T1083 |
|
| Details | MITRE ATT&CK Techniques | 176 | T1135 |
|
| Details | MITRE ATT&CK Techniques | 33 | T1614.001 |
|
| Details | MITRE ATT&CK Techniques | 1006 | T1082 |
|
| Details | MITRE ATT&CK Techniques | 433 | T1057 |
|
| Details | MITRE ATT&CK Techniques | 243 | T1018 |
|
| Details | MITRE ATT&CK Techniques | 168 | T1046 |
|
| Details | MITRE ATT&CK Techniques | 119 | T1049 |
|
| Details | MITRE ATT&CK Techniques | 72 | T1087.001 |
|
| Details | MITRE ATT&CK Techniques | 99 | T1087.002 |
|
| Details | MITRE ATT&CK Techniques | 74 | T1069.002 |
|
| Details | MITRE ATT&CK Techniques | 3 | T1423 |
|
| Details | MITRE ATT&CK Techniques | 230 | T1033 |
|
| Details | MITRE ATT&CK Techniques | 124 | T1482 |
|
| Details | MITRE ATT&CK Techniques | 245 | T1016 |
|
| Details | MITRE ATT&CK Techniques | 86 | T1124 |
|
| Details | MITRE ATT&CK Techniques | 141 | T1518.001 |
|
| Details | MITRE ATT&CK Techniques | 65 | T1069 |
|
| Details | MITRE ATT&CK Techniques | 32 | T1069.001 |
|
| Details | MITRE ATT&CK Techniques | 100 | T1007 |
|
| Details | MITRE ATT&CK Techniques | 22 | T1087.003 |
|
| Details | MITRE ATT&CK Techniques | 179 | T1087 |
|
| Details | MITRE ATT&CK Techniques | 118 | T1570 |
|
| Details | MITRE ATT&CK Techniques | 160 | T1021.001 |
|
| Details | MITRE ATT&CK Techniques | 139 | T1021.002 |
|
| Details | MITRE ATT&CK Techniques | 59 | T1021.004 |
|
| Details | MITRE ATT&CK Techniques | 30 | T1021.006 |
|
| Details | MITRE ATT&CK Techniques | 33 | T1080 |
|
| Details | MITRE ATT&CK Techniques | 116 | T1560.001 |
|
| Details | MITRE ATT&CK Techniques | 534 | T1005 |
|
| Details | MITRE ATT&CK Techniques | 67 | T1039 |
|
| Details | MITRE ATT&CK Techniques | 67 | T1074 |
|
| Details | MITRE ATT&CK Techniques | 111 | T1119 |
|
| Details | MITRE ATT&CK Techniques | 9 | T1557.001 |
|
| Details | MITRE ATT&CK Techniques | 11 | T1560.003 |
|
| Details | MITRE ATT&CK Techniques | 442 | T1071.001 |
|
| Details | MITRE ATT&CK Techniques | 492 | T1105 |
|
| Details | MITRE ATT&CK Techniques | 141 | T1219 |
|
| Details | MITRE ATT&CK Techniques | 163 | T1573 |
|
| Details | MITRE ATT&CK Techniques | 74 | T1573.002 |
|
| Details | MITRE ATT&CK Techniques | 159 | T1095 |
|
| Details | MITRE ATT&CK Techniques | 95 | T1572 |
|
| Details | MITRE ATT&CK Techniques | 444 | T1071 |
|
| Details | MITRE ATT&CK Techniques | 2 | T1568.001 |
|
| Details | MITRE ATT&CK Techniques | 100 | T1567.002 |
|
| Details | MITRE ATT&CK Techniques | 126 | T1567 |
|
| Details | MITRE ATT&CK Techniques | 102 | T1020 |
|
| Details | MITRE ATT&CK Techniques | 422 | T1041 |
|
| Details | MITRE ATT&CK Techniques | 92 | T1048 |
|
| Details | MITRE ATT&CK Techniques | 36 | T1030 |
|
| Details | MITRE ATT&CK Techniques | 33 | T1537 |
|
| Details | MITRE ATT&CK Techniques | 472 | T1486 |
|
| Details | MITRE ATT&CK Techniques | 276 | T1490 |
|
| Details | MITRE ATT&CK Techniques | 197 | T1489 |
|
| Details | MITRE ATT&CK Techniques | 10 | T1542 |
|
| Details | MITRE ATT&CK Techniques | 58 | T1498 |
|
| Details | MITRE ATT&CK Techniques | 93 | T1485 |
|
| Details | MITRE ATT&CK Techniques | 30 | T1491.001 |
|
| Details | MITRE ATT&CK Techniques | 145 | T1588 |
|
| Details | MITRE ATT&CK Techniques | 695 | T1059 |
|
| Details | MITRE ATT&CK Techniques | 137 | T1059.005 |
|
| Details | MITRE ATT&CK Techniques | 67 | T1003.003 |
|
| Details | MITRE ATT&CK Techniques | 56 | T1587 |
|
| Details | MITRE ATT&CK Techniques | 409 | T1566 |
|
| Details | MITRE ATT&CK Techniques | 78 | T1569 |
|
| Details | MITRE ATT&CK Techniques | 420 | T1204 |
|
| Details | MITRE ATT&CK Techniques | 164 | T1574 |
|
| Details | MITRE ATT&CK Techniques | 78 | T1548 |
|
| Details | MITRE ATT&CK Techniques | 235 | T1562 |
|
| Details | MITRE ATT&CK Techniques | 116 | T1134 |
|
| Details | MITRE ATT&CK Techniques | 56 | T1553 |
|
| Details | MITRE ATT&CK Techniques | 50 | T1614 |
|
| Details | MITRE ATT&CK Techniques | 185 | T1518 |
|
| Details | MITRE ATT&CK Techniques | 159 | T1021 |
|
| Details | MITRE ATT&CK Techniques | 157 | T1560 |
|
| Details | Url | 2 | https://evil.com/payload.exe |
|
| Details | Windows Registry Key | 3 | HKLM\Software\Microsoft\Windows\WINEVT\Channels\Microsoft-Windows-Windows |
|
| Details | Windows Registry Key | 17 | HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters |
|
| Details | Windows Registry Key | 22 | HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows |
|
| Details | Windows Registry Key | 19 | HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest |
|
| Details | Windows Registry Key | 20 | HKEY_CURRENT_USER\Control |