Helldown, DoNex & Darktrace Ransomware
Common Information
UUID: 36594f59-ac0c-4901-a817-3f82459a1f26
Fingerprint: 135a0f76476064f
Analysis status: DONE
Considered CTI value: 2
Text language:
Published: Nov. 26, 2024, 11:12 p.m.
Added to db: Nov. 27, 2024, 12:57 a.m.
Last updated: Dec. 11, 2024, 1:21 a.m.
Headline: Helldown, DoNex & Darktrace Ransomware
Title: Helldown, DoNex & Darktrace Ransomware
Detected Hints/Tags/Attributes: 27/1/43
RSS Feed
Id: 167
Enabled:
Feed title: Cybersecurity on Medium
Url: https://medium.com/feed/tag/cybersecurity
Added to db: 2024-08-30 22:08
Attributes
Type #Events CTI Value