BlackKingdom
Tags
attack-pattern: Data Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Social Media - T1593.001
Show in Graph
Common Information
Type Value
UUID 2777cabe-6b9c-4c5f-82ae-a2b5651355cc
Fingerprint f6d5715670341981
Analysis status DONE
Considered CTI value 2
Text language
Published Feb. 25, 2020, 4:35 p.m.
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Nov. 17, 2024, 6:49 p.m.
Headline Шифровальщики-вымогатели The Digest "Crypto-Ransomware"
Title BlackKingdom
Detected Hints/Tags/Attributes 39/1/26
Source URLs
Redirection Url
Details Source https://id-ransomware.blogspot.com/2020/02/blackkingdom-ransomware.html
URL Provider
Details Provider Source level domain
Details blogspot.com id-ransomware.blogspot.com
Attributes
Details Type #Events CTI Value
Details Domain 5 
trojan.tr
Details Domain 2 
gszmail.com
Details Domain 911 
any.run
Details Domain 1 
filecoder.dm
Details Domain 396 
protonmail.com
Details Domain 1 
filecoder.cl
Details Domain 1 
trojan-ransom.win32.alien.ao
Details Domain 14 
pm.me
Details Domain 54 
mail2tor.com
Details Email 2 
blackingdom@gszmail.com
Details Email 2 
tuhafcoderus@protonmail.com
Details Email 2 
carecaxyz@pm.me
Details Email 3 
support_blackkingdom2@protonmail.com
Details Email 1 
iamfath3r@protonmail.com
Details File 1 
banker.py
Details File 367 
readme.txt
Details File 7 
payload.txt
Details File 16 
sfx.exe
Details File 3 
cyberpunk2077.exe
Details File 6 
decrypt_file.txt
Details File 2 
real.exe
Details File 55 
payload.exe
Details md5 1 
f3ff8e85a6b9ac336273c4e51156f36a
Details md5 1 
c5640c7a22008f949f9bc94a27623f95
Details sha1 1 
7f745a260c30aefddc12f34276e73d00c9ea745f
Details sha256 1 
73abef1e8cd548939010ad5c4937fe5bdabfb0b9a12d711debfa9a53925647fe