7ev3n
Tags
| attack-pattern: | Control Panel - T1218.002 Server - T1583.004 Server - T1584.004 Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | 2510c301-0d18-4c15-bb25-d153ba73237e |
| Fingerprint | 267e1878406efe3e |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Jan. 26, 2016, 4:10 p.m. |
| Added to db | Jan. 18, 2023, 7:50 p.m. |
| Last updated | Nov. 17, 2024, 6:50 p.m. |
| Headline | Шифровальщики-вымогатели The Digest "Crypto-Ransomware" |
| Title | 7ev3n |
| Detected Hints/Tags/Attributes | 21/1/17 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://id-ransomware.blogspot.com/2016/04/7ev3n-ransomware.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 25 | ebay.com |
|
| Details | Domain | 162 | localbitcoins.com |
|
| Details | Domain | 6 | anxpro.com |
|
| Details | Domain | 1 | cued.com |
|
| Details | File | 3 | files_back.txt |
|
| Details | File | 1 | %localappdata%\bcd.bat |
|
| Details | File | 2 | %localappdata%\del.bat |
|
| Details | File | 2 | %localappdata%\system.exe |
|
| Details | File | 1 | %localappdata%\uac.exe |
|
| Details | File | 1 | c:\windows\system32\tasks\uac c:\windows\system32\elsext.dll |
|
| Details | File | 46 | system.exe |
|
| Details | Windows Registry Key | 3 | HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard |
|
| Details | Windows Registry Key | 164 | HKLM\SOFTWARE\Microsoft\Windows |
|
| Details | Windows Registry Key | 5 | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion |
|
| Details | Windows Registry Key | 20 | HKEY_CURRENT_USER\Control |
|
| Details | Windows Registry Key | 38 | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
|
| Details | Windows Registry Key | 17 | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System |