Prometheus
Tags
| country: | Ghana |
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Third-Party Software - T1072 |
Common Information
| Type | Value |
|---|---|
| UUID | 5d3faab8-a5fd-4a61-87d7-c7410ba7d2ad |
| Fingerprint | b66e4b7e72b5387b |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | May 10, 2021, 10 a.m. |
| Added to db | Sept. 26, 2022, 9:31 a.m. |
| Last updated | Nov. 17, 2024, 9:49 a.m. |
| Headline | Шифровальщики-вымогатели The Digest "Crypto-Ransomware" |
| Title | Prometheus |
| Detected Hints/Tags/Attributes | 49/2/60 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://id-ransomware.blogspot.com/2021/05/prometheus-ransomware.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | ransom.msil.thanos.sm |
|
| Details | Domain | 59 | torproject.org |
|
| Details | Domain | 1 | promethw27cbrcot.onion |
|
| Details | Domain | 1 | prometheusdec.in |
|
| Details | Domain | 158 | aol.com |
|
| Details | Domain | 1 | supportdatarecovery.cc |
|
| Details | Domain | 62 | icanhazip.com |
|
| Details | Domain | 15 | malware.ai |
|
| Details | Domain | 14 | criptext.com |
|
| Details | Domain | 83 | tuta.io |
|
| Details | Domain | 23 | techmail.info |
|
| Details | Domain | 2 | thanos.pa |
|
| Details | Domain | 54 | mail2tor.com |
|
| Details | Domain | 167 | tutanota.com |
|
| Details | Domain | 179 | www.torproject.org |
|
| Details | Domain | 2 | mail2tor2zyjdctd.onion |
|
| Details | Domain | 3 | privyonline.com |
|
| Details | Domain | 768 | www.youtube.com |
|
| Details | Domain | 2 | thanos.mk |
|
| Details | Domain | 42 | msgsafe.io |
|
| Details | 2 | tiberiano@aol.com |
||
| Details | 2 | jeremy.albright@criptext.com |
||
| Details | 1 | id-********].[monster666@tuta.io |
||
| Details | 2 | monster666@tuta.io |
||
| Details | 2 | recoveryfiles@techmail.info |
||
| Details | 2 | proper12132@tutanota.com |
||
| Details | 2 | helpunlock@aol.com |
||
| Details | 1 | putinubiyca@privyonline.com |
||
| Details | 1 | secure811@msgsafe.io |
||
| Details | 1 | assistant@techmail.info |
||
| Details | File | 54 | file.exe |
|
| Details | File | 73 | trojan.msi |
|
| Details | File | 18 | trojan-ransom.msi |
|
| Details | File | 25 | ransom.msi |
|
| Details | File | 7 | restore_files_info.txt |
|
| Details | File | 1 | ticket.php |
|
| Details | File | 1 | cgpshare.exe |
|
| Details | File | 15 | malware.ai |
|
| Details | File | 1 | chaddad.exe |
|
| Details | File | 1 | how_to_recover_my_files.txt |
|
| Details | File | 1 | garb1.exe |
|
| Details | File | 4 | decrypt_info.txt |
|
| Details | File | 20 | techmail.inf |
|
| Details | File | 2 | worker-0.exe |
|
| Details | File | 1 | unlock_files_info.txt |
|
| Details | File | 1 | мир.txt |
|
| Details | File | 2 | инструкция.txt |
|
| Details | File | 19 | recovery.txt |
|
| Details | File | 1 | trins.exe |
|
| Details | File | 4 | db.exe |
|
| Details | md5 | 1 | e1f063d63a75e0e0e864052b1a50ab06 |
|
| Details | md5 | 1 | e8f8e4eb0d2c03f0b12fb1cf09932bbd |
|
| Details | md5 | 1 | 731797d30d8ff6eaf901e788bd4e6048 |
|
| Details | md5 | 1 | da79764c812c81317354434785b1f2d6 |
|
| Details | md5 | 1 | 537a415bcc0f3396f5f37cb3c1831f87 |
|
| Details | md5 | 1 | 1c7b91546706f854891076c3c3c964c0 |
|
| Details | md5 | 1 | 20ab243fee91b6c8df23e1ddefff2727 |
|
| Details | md5 | 1 | 498cb084983cd8626ff077110d2549ca |
|
| Details | Url | 27 | https://torproject.org |
|
| Details | Windows Registry Key | 1 | HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\cgpshare.exe |