ioc[.]one - OSINT Cyber Threat Intelligence Database

CryptoShield 2.0

Tags

country:	India
attack-pattern:	Data Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002

Show in Graph

Common Information

Type	Value
UUID	28e46cb4-646a-476a-928b-5e1ec93c48d4
Fingerprint	e6bd49ff50d447bf
Analysis status	DONE
Considered CTI value	0
Text language
Published	Feb. 14, 2017, 9 p.m.
Added to db	Sept. 26, 2022, 9:32 a.m.
Last updated	Nov. 18, 2024, 1:38 a.m.
Headline	Шифровальщики-вымогатели The Digest "Crypto-Ransomware"
Title	CryptoShield 2.0
Detected Hints/Tags/Attributes	36/2/24

Source URLs

	Redirection	Url
Details	Source	http://id-ransomware.blogspot.com/2017/02/cryptoshield-2-ransomware.html
Details	Source	https://id-ransomware.blogspot.co.il/2017/02/cryptoshield-2-ransomware.html

URL Provider

Details	Provider	Source level domain
Details	blogspot.co.il	id-ransomware.blogspot.co.il
Details	blogspot.com	id-ransomware.blogspot.com

Attributes

Details	Type	#Events	Value
Details	Domain	99	india.com
Details	Domain	5	rot13.com
Details	Domain	35	translate.google.com
Details	Domain	622	en.wikipedia.org
Details	Domain	5	computer4u.com
Details	Domain	1	stephanemalka.com
Details	Domain	2	new.theagingbusiness.com
Details	Email	1	res_sup@india.com
Details	Email	2	res_reserve@india.com
Details	Email	1	r_sup@india.com
Details	Email	1	processed_in_rot13_name+extension].[res_sup@india.com
Details	File	2	1028.txt
Details	File	2127	cmd.exe
Details	File	409	c:\windows\system32\cmd.exe
Details	File	345	vssadmin.exe
Details	File	1	rad93dd5.tmp
Details	File	2	cryptoshield.tmp
Details	File	48	net1.exe
Details	File	256	net.exe
Details	File	31	tmp.exe
Details	File	3	recovery.js
Details	File	1	%allusersprofile%\microsofttmp\system32\conhost.exe
Details	Url	2	http://translate.google.com
Details	Url	23	https://en.wikipedia.org/wiki/rsa_