VoidCrypt
Tags
country: British Indian Ocean Territory
maec-delivery-vectors: Watering Hole
attack-pattern: Data Tool - T1588.002
Common Information
Type Value
UUID 5b32b047-50d3-4dee-9745-a6ab8cd2481e
Fingerprint 12f718574db41a68
Analysis status DONE
Considered CTI value 0
Text language
Published April 10, 2020, 6:24 a.m.
Added to db Sept. 26, 2022, 9:31 a.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline Ransomware Encryptors. The Digest "Crypto-Ransomware"
Title VoidCrypt
Detected Hints/Tags/Attributes 40/3/84
Attributes