Remove CryptoSweetTooth Ransomware and Restore .locked Files
Tags
country: Argentina Australia Netherlands Germany France Greece India Italy Spain Poland Portugal United Kingdom United States Of America
maec-delivery-vectors: Watering Hole
attack-pattern: Data Direct Email Account - T1087.003 Login Items - T1547.015 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Social Media - T1593.001 Software - T1592.002 Tool - T1588.002
Show in Graph
Common Information
Type Value
UUID 19bcbcde-ece8-4206-955f-18c2c3b27eb7
Fingerprint 1616aa4b2df7849c
Analysis status DONE
Considered CTI value 0
Text language
Published Jan. 17, 2017, 1 p.m.
Added to db Sept. 26, 2022, 9:32 a.m.
Last updated Nov. 18, 2024, 5:20 p.m.
Headline Remove CryptoSweetTooth Ransomware and Restore .locked Files
Title Remove CryptoSweetTooth Ransomware and Restore .locked Files
Detected Hints/Tags/Attributes 82/3/12
Source URLs
Redirection Url
Details Source http://sensorstechforum.com/remove-cryptosweettooth-ransomware-restore-locked-files/
URL Provider
Details Provider Source level domain
Details sensorstechforum.com sensorstechforum.com
Attributes
Details Type #Events CTI Value
Details Domain 1 
ripio.com
Details Domain 1 
saldo.com.ar
Details Domain 1 
mercadolibre.com.ar
Details Domain 544 
sensorstechforum.com
Details File 3 
bitcoin.exe
Details File 1 
importante_leer.html
Details File 1 
recuperar_archivos.html
Details File 346 
vssadmin.exe
Details Windows Registry Key 493 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Details Windows Registry Key 582 
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Details Windows Registry Key 470 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
Details Windows Registry Key 480 
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce