SamSam: The Doctor Will See You, After He Pays The Ransom
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 3ce031d1-e878-4c31-b856-5d8811e50c12 |
| Fingerprint | 842420b92616afc5 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | March 23, 2016, 4:38 p.m. |
| Added to db | Oct. 9, 2022, 4:16 p.m. |
| Last updated | Nov. 14, 2024, 2:04 p.m. |
| Headline | Vulnerability Information |
| Title | SamSam: The Doctor Will See You, After He Pays The Ransom |
| Detected Hints/Tags/Attributes | 67/1/23 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 904 | snort.org |
|
| Details | Domain | 1 | www.intelsecurity.com |
|
| Details | File | 4 | samsam.exe |
|
| Details | File | 8 | tunnel.jsp |
|
| Details | File | 1 | analysis_samsa_ransomware.pdf |
|
| Details | sha256 | 1 | b963b8b8c5ca14c792d2d3c8df31ee058de67108350a66a65e811fd00c9a340c |
|
| Details | sha256 | 1 | 036071786d7db553e2415ec2e71f3967baf51bdc31d0a640aa4afb87d3ce3050 |
|
| Details | sha256 | 1 | 553967d05b83364c6954d2b55b8cfc2ea3808a17c268b2eee49090e71976ba29 |
|
| Details | sha256 | 1 | a763ed678a52f77a7b75d55010124a8fccf1628eb4f7a815c6d635034227177e |
|
| Details | sha256 | 1 | 6bc2aa391b8ef260e79b99409e44011874630c2631e4487e82b76e5cb0a49307 |
|
| Details | sha256 | 1 | 7aa585e6fd0a895c295c4bea2ddb071eed1e5775f437602b577a54eef7f61044 |
|
| Details | sha256 | 1 | 939efdc272e8636fd63c1b58c2eec94cf10299cd2de30c329bd5378b6bbbd1c8 |
|
| Details | sha256 | 1 | 45e00fe90c8aa8578fce2b305840e368d62578c77e352974da6b8f8bc895d75b |
|
| Details | sha256 | 1 | 979692a34201f9fc1e1c44654dc8074a82000946deedfdf6b8985827da992868 |
|
| Details | sha256 | 1 | 0f2c5c39494f15b7ee637ad5b6b5d00a3e2f407b4f27d140cd5a821ff08acfac |
|
| Details | sha256 | 1 | 946dd4c4f3c78e7e4819a712c7fd6497722a3d616d33e3306a556a9dc99656f4 |
|
| Details | sha256 | 1 | e682ac6b874e0a6cfc5ff88798315b2cb822d165a7e6f72a5eb74e6da451e155 |
|
| Details | sha256 | 1 | 58ef87523184d5df3ed1568397cea65b3f44df06c73eadeb5d90faebe4390e3e |
|
| Details | sha256 | 1 | ffef0f1c2df157e9c2ee65a12d5b7b0f1301c4da22e7e7f3eac6b03c6487a626 |
|
| Details | sha256 | 1 | 89b4abb78970cd524dd887053d5bcd982534558efdf25c83f96e13b56b4ee805 |
|
| Details | Url | 2 | https://blogs.technet.microsoft.com/mmpc/2016/03/17/no-mas-samas-whats-in-this-ransomwares-modus-operandi |
|
| Details | Url | 1 | http://www.intelsecurity.com/advanced-threat-research/content/analysis_samsa_ransomware.pdf |
|
| Details | Url | 1 | http://www.bleepingcomputer.com/forums/t/607818/encedrsa-ransomware-support-and-help-topic-help-decrypttxt |