RagnarLocker
Common Information
Type Value
UUID 0da243d0-303c-436a-92ff-dc97ce6410f0
Fingerprint b23ed83ec13d1beb
Analysis status DONE
Considered CTI value 0
Text language
Published Feb. 4, 2020, 6:25 p.m.
Added to db Sept. 26, 2022, 9:31 a.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline Шифровальщики-вымогатели The Digest "Crypto-Ransomware"
Title RagnarLocker
Detected Hints/Tags/Attributes 53/2/33
Attributes
Details Type #Events CTI Value