ioc[.]one - OSINT Cyber Threat Intelligence Database

Decrypted: DoNex Ransomware and its Predecessors - Avast Threat Labs

Tags

country:	Netherlands Italy
attack-pattern:	Data Password Cracking - T1110.002 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	68164ac2-b8f5-4a54-8228-7fc1163fece2
Fingerprint	8750e17837c69e43
Analysis status	DONE
Considered CTI value	2
Text language
Published	July 8, 2024, 7:48 a.m.
Added to db	Aug. 31, 2024, 12:17 a.m.
Last updated	Nov. 17, 2024, 6:49 p.m.
Headline	Decrypted: DoNex Ransomware and its Predecessors
Title	Decrypted: DoNex Ransomware and its Predecessors - Avast Threat Labs
Detected Hints/Tags/Attributes	44/2/26

Source URLs

	Redirection	Url
Details	Source	https://decoded.avast.io/threatresearch/decrypted-donex-ransomware-and-its-predecessors/?utm_source=rss&utm_medium=rss&utm_campaign=decrypted-donex-ransomware-and-its-predecessors

URL Provider

Details	Provider	Source level domain
Details	avast.io	decoded.avast.io

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	100	✔	Avast Threat Labs	https://decoded.avast.io/feed/	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	File	243	autorun.inf
Details	File	120	boot.ini
Details	File	90	bootfont.bin
Details	File	99	bootsect.bak
Details	File	196	desktop.ini
Details	File	101	iconcache.db
Details	File	193	ntuser.dat
Details	File	100	ntuser.dat.log
Details	File	66	ntuser.ini
Details	File	143	thumbs.db
Details	File	8	gdipfontcachev1.dat
Details	File	8	d3d9caps.dat
Details	File	351	recycle.bin
Details	File	33	config.msi
Details	sha256	1	9d5c4544bd06335c2ad2545b0d177218f84b77dd1834b22bf6a4cfe7e1de91fb
Details	sha256	1	04ed1a811b3594f55486a52ab81227089c178f5c73944a3a9665d7052c3b7df9
Details	sha256	3	0ec61a80e61f56f460fc42e5d4f0accec2b04c8db98c28ed4534946214076f2a
Details	sha256	1	b9b4766d6b0e63f80d49e969fbd63ae90b0d1e487ef008b55c096bf46395d32e
Details	sha256	1	2e397dcbcc630b492c01af9cb6033edd9c857e2881bead6956e43aefb16b6a21
Details	sha256	1	91745d530a8304742b58890e798448de9fbe4ea0bc057f30ab0beb522b4bb688
Details	sha256	1	2e1fd124f3e9fc238773e49bc971c882464a3686171d18ab2cd6c2859be138d1
Details	sha256	2	74b5e2d90daaf96657e4d3d800bb20bf189bb2cf487479ea0facaf6182e0d1d3
Details	sha256	2	0e60d49a967599fab179f8c885d91db25016be996d66a4e00cbb197e5085efa4
Details	sha256	3	0adde4246aaa9fb3964d1d6cf3c29b1b13074015b250eb8e5591339f92e1e3ca
Details	sha256	1	b32ae94b32bcc5724d706421f915b7f7730c4fb20b04f5ab0ca830dc88dcce4e
Details	sha256	1	6d6134adfdf16c8ed9513aba40845b15bd314e085ef1d6bd20040afd42e36e40