Xorist-FakeRSA
Tags
attack-pattern: Data Server - T1583.004 Server - T1584.004
Show in Graph
Common Information
Type Value
UUID 271b85c4-20a1-4b1d-829a-be56d22de72e
Fingerprint 651b7f107d5e3b
Analysis status DONE
Considered CTI value 0
Text language
Published Feb. 16, 2017, 12:30 p.m.
Added to db Jan. 18, 2023, 7:51 p.m.
Last updated Nov. 15, 2024, 4:38 p.m.
Headline Шифровальщики-вымогатели The Digest "Crypto-Ransomware"
Title Xorist-FakeRSA
Detected Hints/Tags/Attributes 24/1/10
Source URLs
Redirection Url
Details Source http://id-ransomware.blogspot.com/2017/02/xorist-fakersa-ransomware.html
URL Provider
Details Provider Source level domain
Details blogspot.com id-ransomware.blogspot.com
Attributes
Details Type #Events CTI Value
Details Domain 167 
tutanota.com
Details Domain 42 
www.coinbase.com
Details Domain 25 
www.localbitcoins.com
Details Domain 911 
any.run
Details Email 1 
decryptfiles@tutanota.com
Details File 1 
decryptfiles2.exe
Details File 1 
6rgg4sd94q3n4q1.exe
Details File 140 
files.txt
Details File 1 
usbview.exe
Details File 1 
%temp%\6rgg4sd94q3n4q1.exe