When ransomware hits an ATM giant - The Diebold Nixdorf case dissected - Group-IB CyberCrimeCon2020
Show in Graph
Image Description
Common Information
Type Value
UUID ba5f18a2-496c-439d-9d9f-56508804ab7c
Fingerprint 67750fef454a9f79378a2961a8361d445c93bf02a56675c2bd1a89c8706014a1
Analysis status DONE
Considered CTI value 0
Text language
Published Nov. 26, 2020, 11:30 a.m.
Added to db April 14, 2024, 9:11 a.m.
Last updated Aug. 31, 2024, 6:58 a.m.
Headline When ransomware hits an ATM giant - The Diebold Nixdorf case dissected - Group-IB CyberCrimeCon2020
Title When ransomware hits an ATM giant - The Diebold Nixdorf case dissected - Group-IB CyberCrimeCon2020
Detected Hints/Tags/Attributes 60/2/17
Source URLs
Redirection Url
Details Source https://raw.githubusercontent.com/fboldewin/When-ransomware-hits-an-ATM-giant---The-Diebold-Nixdorf-case-dissected/main/When%20ransomware%20hits%20an%20ATM%20giant%20-%20The%20Diebold%20Nixdorf%20case%20dissected%20-%20Group-IB%20CyberCrimeCon2020.pdf
URL Provider
Details Provider Source level domain
Details githubusercontent.com raw.githubusercontent.com
Attributes
Details Type #Events CTI Value
Details Domain 202 
krebsonsecurity.com
Details Domain 1 
sollight.com.hk
Details Domain 291 
raw.githubusercontent.com
Details File 10 
rdp.bat
Details File 122 
psexec.exe
Details File 53 
adfind.exe
Details File 1 
agreement_1.doc
Details File 26 
run.bat
Details File 4 
winmgr.xml
Details File 15 
clean.bat
Details File 5 
winmgr.bmp
Details File 1 
8a67b05b.dib
Details File 249 
schtasks.exe
Details Github username 3 
fboldewin
Details IPv4 1 
208.87.12.248
Details Url 1 
https://krebsonsecurity.com/2020/05/ransomware-hit-atm-giant-diebold-nixdorf
Details Url 1 
https://raw.githubusercontent.com/fboldewin/yara-rules/master/prolock.malware.yar