NMoreira 2.0
Tags
| attack-pattern: | Server - T1583.004 Server - T1584.004 Sharepoint - T1213.002 Software - T1592.002 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | 1a8bb7de-3804-4eef-98cb-e9487c67aacb |
| Fingerprint | f73339730a6f236f |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Jan. 13, 2017, 6:10 p.m. |
| Added to db | Jan. 18, 2023, 7:51 p.m. |
| Last updated | Nov. 17, 2024, 10:40 p.m. |
| Headline | Шифровальщики-вымогатели The Digest "Crypto-Ransomware" |
| Title | NMoreira 2.0 |
| Detected Hints/Tags/Attributes | 29/1/23 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 14 | bitmessage.org |
|
| Details | Domain | 19 | bitmsg.me |
|
| Details | Domain | 38 | ntdetect.com |
|
| Details | Domain | 10 | gcc.gnu.org |
|
| Details | File | 3 | yako.html |
|
| Details | File | 2126 | cmd.exe |
|
| Details | File | 345 | vssadmin.exe |
|
| Details | File | 4 | fb_inet_server.exe |
|
| Details | File | 9 | pg_ctl.exe |
|
| Details | File | 119 | sqlservr.exe |
|
| Details | File | 64 | config.sys |
|
| Details | File | 38 | io.sys |
|
| Details | File | 16 | msdos.sys |
|
| Details | File | 17 | files.html |
|
| Details | File | 1 | crypter_191_.exe |
|
| Details | File | 48 | net1.exe |
|
| Details | File | 95 | wevtutil.exe |
|
| Details | File | 2 | bugs.html |
|
| Details | Url | 3 | https://bitmessage.org |
|
| Details | Url | 8 | https://bitmsg.me |
|
| Details | Url | 1 | https://bitmsg.me/users/sign_up |
|
| Details | Url | 1 | https://bitmsg.me/users/sign_in |
|
| Details | Windows Registry Key | 38 | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |