MCrypt2018
Tags
cmtmf-attack-pattern: Data Encrypted
attack-pattern: Data Encrypted - T1022
Show in Graph
Common Information
Type Value
UUID 6346ec33-c7c4-466f-b1a8-4dc0b52d8d0c
Fingerprint 20ed19ae025c6bba
Analysis status DONE
Considered CTI value 0
Text language
Published Nov. 2, 2018, 11:30 a.m.
Added to db Jan. 18, 2023, 7:54 p.m.
Last updated Nov. 15, 2024, 4:38 p.m.
Headline Шифровальщики-вымогатели The Digest "Crypto-Ransomware"
Title MCrypt2018
Detected Hints/Tags/Attributes 13/2/22
Source URLs
Redirection Url
Details Source http://id-ransomware.blogspot.com/2018/11/mcrypt2018-ransomware.html
URL Provider
Details Provider Source level domain
Details blogspot.com id-ransomware.blogspot.com
Attributes
Details Type #Events CTI Value
Details Domain 155 
yandex.com
Details Domain 911 
any.run
Details Email 1 
mcrypt2018@yandex.com
Details File 4 
dcrypt.exe
Details File 8 
dcrypt.sys
Details File 2 
mylog.txt
Details File 2 
c:\users\public\mylog.txt
Details File 5 
dcapi.dll
Details File 5 
dccon.exe
Details File 4 
dcinst.exe
Details File 5 
mount.exe
Details File 5 
netpass.exe
Details File 2 
netpass.txt
Details File 3 
log_file.txt
Details File 4 
netuse.txt
Details Windows Registry Key 3 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DefragmentService
Details Windows Registry Key 3 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dcrypt
Details Windows Registry Key 2 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dcrypt\config
Details Windows Registry Key 2 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dcrypt\Instances
Details Windows Registry Key 2 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dcrypt\Instances\dcrypt
Details Windows Registry Key 2 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dcrypt\Security
Details Windows Registry Key 2 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dcrypt\Enum