ioc[.]one - OSINT Cyber Threat Intelligence Database

MerryChristmas

Tags

cmtmf-attack-pattern:	Data Encrypted
country:	India
attack-pattern:	Data Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Data Encrypted - T1022 Third-Party Software - T1072

Show in Graph

Common Information

Type	Value
UUID	3f903418-bcbf-43ec-82ad-3922876e5d27
Fingerprint	f6310d9f50ec23fb
Analysis status	DONE
Considered CTI value	2
Text language
Published	Dec. 30, 2016, 6:04 p.m.
Added to db	Sept. 26, 2022, 9:32 a.m.
Last updated	Nov. 17, 2024, 11:40 p.m.
Headline	Шифровальщики-вымогатели The Digest "Crypto-Ransomware"
Title	MerryChristmas
Detected Hints/Tags/Attributes	77/3/34

Source URLs

	Redirection	Url
Details	Source	http://id-ransomware.blogspot.com/2016/12/mrcr1-ransomware.html
Details	Source	https://id-ransomware.blogspot.co.il/2016/12/mrcr1-ransomware.html

URL Provider

Details	Provider	Source level domain
Details	blogspot.co.il	id-ransomware.blogspot.co.il
Details	blogspot.com	id-ransomware.blogspot.com

Attributes

Details	Type	#Events	Value
Details	Domain	155	yandex.com
Details	Domain	1	onion1.host
Details	Domain	7	portableapps.com
Details	Domain	1	onion1.pw
Details	Domain	5	crl4.digicert.com
Details	Domain	6	crl3.digicert.com
Details	Domain	1	onion2.space
Details	Domain	99	india.com
Details	Email	2	comodosec@yandex.com
Details	Email	2	comodosec@india.com
Details	File	9	complaint.pdf
Details	File	28	tar.bz2
Details	File	1	micrrp.exe
Details	File	95	pdf.exe
Details	File	31	tmp.exe
Details	File	101	gate.php
Details	File	2	roaming.exe
Details	File	1	pgpclient.exe
Details	File	1	plaintnote_12545_copy.zip
Details	File	1	plaintnote_12545_copy.doc
Details	File	9	flashplayer.exe
Details	File	3	chrome_font.exe
Details	File	1206	index.php
Details	File	2	file6.exe
Details	md5	1	8483CE4927234AEF310A6843407FBEB2
Details	md5	1	5DBB73D6E3DF3EB39190AF05175F9714
Details	md5	1	AAED4F4B621E5EFE5B582A8486ABD6C3
Details	IPv4	1	81.4.123.67
Details	IPv4	1	168.235.98.160
Details	IPv4	1	66.225.197.197
Details	IPv4	5	93.184.220.29
Details	IPv4	1	168.235.78.247
Details	Windows Registry Key	582	HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Details	Windows Registry Key	480	HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce