MegaLocker, NamPoHyu
Tags
attack-pattern: Data Email Addresses - T1589.002
Show in Graph
Common Information
Type Value
UUID 2bde7866-bcaa-459d-a3e9-766beeacb49a
Fingerprint 14740a3a476c2603
Analysis status DONE
Considered CTI value 0
Text language
Published March 14, 2019, 1:20 a.m.
Added to db Jan. 18, 2023, 7:55 p.m.
Last updated Nov. 17, 2024, 11:40 p.m.
Headline Шифровальщики-вымогатели The Digest "Crypto-Ransomware"
Title MegaLocker, NamPoHyu
Detected Hints/Tags/Attributes 37/1/26
Source URLs
Redirection Url
Details Source http://id-ransomware.blogspot.com/2019/03/megalocker-ransomware.html
URL Provider
Details Provider Source level domain
Details blogspot.com id-ransomware.blogspot.com
Attributes
Details Type #Events CTI Value
Details Domain 46 
firemail.cc
Details Domain 3 
buy.blockexplorer.com
Details Domain 13 
www.buybitcoinworldwide.com
Details Domain 8 
localbitcoins.net
Details Domain 622 
en.wikipedia.org
Details Domain 1 
charles-small.com
Details Domain 2 
qlcd3bgmyv4kvztb.onion
Details Domain 246 
mail.ru
Details Domain 911 
any.run
Details Domain 179 
www.torproject.org
Details Domain 144 
cock.li
Details Email 1 
alexshkipper@firemail.cc
Details Email 1 
alexshkipper@mail.ru
Details Email 1 
andrewpots@cock.li
Details File 5 
decrypt_instruction.txt
Details File 1206 
index.php
Details md5 1 
23CAEC83B8FF4ED5A89A8E19B0D7E85C
Details md5 1 
C8AA2DADF2CA4C58B6D427065EFA8BB7
Details Url 3 
https://buy.blockexplorer.com
Details Url 12 
https://www.buybitcoinworldwide.com
Details Url 5 
https://localbitcoins.net
Details Url 11 
https://en.wikipedia.org/wiki/bitcoin
Details Url 24 
https://www.torproject.org/download
Details Url 1 
http://qlcd3bgmyv4kvztb.onion/index.php?id=02dced685xxxxxxxxx3c0dfd0e2*****
Details Url 1 
http://qlcd3bgmyv4kvztb.onion/index.php?id=c8aa2dadf2ca4c58b6d427065efa8bb7
Details Url 63 
https://www.torproject.org