CryptoMix-DLL
Tags
| attack-pattern: | Data Email Addresses - T1589.002 Server - T1583.004 Server - T1584.004 Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | 167949d5-98f3-4783-8eb2-74f488f8ba2d |
| Fingerprint | 32551d4e4f7029ab |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | April 8, 2019, 3:10 a.m. |
| Added to db | Jan. 18, 2023, 7:55 p.m. |
| Last updated | Nov. 17, 2024, 5:54 p.m. |
| Headline | Шифровальщики-вымогатели The Digest "Crypto-Ransomware" |
| Title | CryptoMix-DLL |
| Detected Hints/Tags/Attributes | 19/1/21 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://id-ransomware.blogspot.com/2019/04/dll-cryptomix-ransomware.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 396 | protonmail.com |
|
| Details | Domain | 136 | mail.com |
|
| Details | Domain | 83 | tuta.io |
|
| Details | Domain | 155 | yandex.com |
|
| Details | Domain | 911 | any.run |
|
| Details | 1 | dllteam@protonmail.com |
||
| Details | 1 | dllteam1@protonmail.com |
||
| Details | 1 | dllpc@mail.com |
||
| Details | 1 | dllpc@tuta.io |
||
| Details | 1 | claremohan@tuta.io |
||
| Details | 1 | claremohan@yandex.com |
||
| Details | 1 | mohanclare@yandex.com |
||
| Details | File | 1 | d1eb93921993d22cca0ef4561b33b5e0.dll |
|
| Details | File | 1 | a42e26ac434b58c8c75151d644eb3c7c.dll |
|
| Details | File | 26 | _help_instruction.txt |
|
| Details | File | 5 | dll.exe |
|
| Details | File | 1 | bc1c9b74ea.exe |
|
| Details | File | 1 | c:\users\admin\appdata\local\temp\dll.exe |
|
| Details | File | 1 | c:\programdata\bc1c9b74e8.exe |
|
| Details | md5 | 1 | D1EB93921993D22CCA0EF4561B33B5E0 |
|
| Details | md5 | 1 | A42E26AC434B58C8C75151D644EB3C7C |