WannaRen, WannaMine
Tags
| attack-pattern: | Powershell - T1059.001 Powershell - T1086 |
Common Information
| Type | Value |
|---|---|
| UUID | 5301fc0d-c2ba-423e-bde8-4b52afa6571b |
| Fingerprint | be763f5e4af8593b |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | March 31, 2020, 6:15 p.m. |
| Added to db | Sept. 26, 2022, 9:31 a.m. |
| Last updated | Nov. 15, 2024, 4:38 p.m. |
| Headline | Шифровальщики-вымогатели The Digest "Crypto-Ransomware" |
| Title | WannaRen, WannaMine |
| Detected Hints/Tags/Attributes | 19/1/9 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://id-ransomware.blogspot.com/2020/03/wannaren-ransomware.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 16 | goat.si |
|
| Details | Domain | 911 | any.run |
|
| Details | 1 | 請復制本軟件上的本機key和您付款給我們比特幣的時間發送到我們的郵箱地址wannarenemal@goat.si |
||
| Details | 2 | wannarenemal@goat.si |
||
| Details | 2 | wannareneval@goat.si |
||
| Details | File | 4 | 1.c4 |
|
| Details | File | 2 | wanna.exe |
|
| Details | File | 1 | 22640-1de73f49db23cf5cc6e06f47767f7fda.exe |
|
| Details | md5 | 1 | 1de73f49db23cf5cc6e06f47767f7fda |