MicroCop
Common Information
Type Value
UUID 3e402b5f-8516-4098-ba76-e33101ec3b75
Fingerprint 3637507b30e61a23
Analysis status DONE
Considered CTI value 0
Text language
Published June 29, 2016, 12:27 a.m.
Added to db Jan. 18, 2023, 7:51 p.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline Encrypting Ransomware: The Digest "Crypto-Ransomware"
Title MicroCop
Detected Hints/Tags/Attributes 39/2/45
Attributes