Ransomware or Wiper? LockerGoga Straddles the Line
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Credentials - T1589.001 Email Addresses - T1589.002 Malware - T1587.001 Malware - T1588.001 Multi-Factor Authentication - T1556.006 Phishing - T1660 Phishing - T1566 Vulnerabilities - T1588.006
Show in Graph
Common Information
Type Value
UUID 1d682931-36d9-42f3-a9db-81fb48b76723
Fingerprint 2532227f99358ecd
Analysis status DONE
Considered CTI value 2
Text language
Published March 20, 2019, 2:08 p.m.
Added to db Oct. 9, 2022, 4:13 p.m.
Last updated Nov. 17, 2024, 5:54 p.m.
Headline Vulnerability Information
Title Ransomware or Wiper? LockerGoga Straddles the Line
Detected Hints/Tags/Attributes 56/2/17
Source URLs
Redirection Url
Details Source https://blog.talosintelligence.com/2019/03/lockergoga.html
URL Provider
Details Provider Source level domain
Details talosintelligence.com blog.talosintelligence.com
Attributes
Details Type #Events CTI Value
Details Domain 396 
protonmail.com
Details Domain 136 
mail.com
Details Domain 13 
o2.pl
Details Email 8 
mayarchenot@protonmail.com
Details Email 8 
dharmaparrack@protonmail.com
Details Email 7 
sayanwalsworth96@protonmail.com
Details Email 8 
wyattpettigrew8922555@mail.com
Details Email 8 
suzumcpherson@protonmail.com
Details Email 9 
abbschevis@protonmail.com
Details File 4 
readme_locked.txt
Details File 4 
readme-now.txt
Details sha256 3 
c97d9bbc80b573bdeeda3812f4d00e5183493dd0d5805e2508728f65977dda15
Details sha256 2 
88d149f3e47dc337695d76da52b25660e3a454768af0d7e59c913995af496a0f
Details sha256 3 
eda26a1cd80aac1c42cdbba9af813d9c4bc81f6052080bc33435d1e076e75aa0
Details sha256 3 
ba15c27f26265f4b063b65654e9d7c248d0d651919fafb68cb4765d1e057f93f
Details sha256 3 
7bcd69b3085126f7e97406889f78ab74e87230c11812b79406d723a80c08dd26
Details sha256 4 
c3d334cb7f6007c9ebee1a68c4f3f72eac9b3c102461d39f2a0a4b32a053843a