Shifr RaaS, Gojdue
Tags
| attack-pattern: | Data |
Common Information
| Type | Value |
|---|---|
| UUID | 14587d05-9443-4187-b7b3-4e67c575aa7f |
| Fingerprint | 376531fc0c7c6a7a |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | June 27, 2017, 11 a.m. |
| Added to db | Jan. 18, 2023, 7:52 p.m. |
| Last updated | Oct. 18, 2024, 2:21 p.m. |
| Headline | Шифровальщики-вымогатели The Digest "Crypto-Ransomware" |
| Title | Shifr RaaS, Gojdue |
| Detected Hints/Tags/Attributes | 19/1/10 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://id-ransomware.blogspot.com/2017/06/shifr-raas-ransomware.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 6 | sinister.ly |
|
| Details | Domain | 1 | v5t5z6a55ksmt3oh.onion.to |
|
| Details | Domain | 1 | v5t5z6a55ksmt3oh.onion |
|
| Details | Domain | 12 | download.windowsupdate.com |
|
| Details | Domain | 37 | xmpp.jp |
|
| Details | Domain | 2 | kdvm5fd6tn6jsbwh.onion.to |
|
| Details | 1 | simple_ransomware@xmpp.jp |
||
| Details | File | 4 | how_to_decrypt_files.html |
|
| Details | File | 10 | decrypter.exe |
|
| Details | IPv4 | 3 | 185.100.85.150 |