ioc[.]one - OSINT Cyber Threat Intelligence Database

RAA

Tags

attack-pattern:

Javascript - T1059.007 Software - T1592.002

Show in Graph

Common Information

Type	Value
UUID	6d08c0dd-21cc-4880-9ffc-3512d90da626
Fingerprint	be7c8af551473e6b
Analysis status	DONE
Considered CTI value	0
Text language
Published	June 12, 2016, 8:49 p.m.
Added to db	Sept. 26, 2022, 9:32 a.m.
Last updated	Nov. 17, 2024, 6:49 p.m.
Headline	Шифровальщики-вымогатели The Digest "Crypto-Ransomware"
Title	RAA
Detected Hints/Tags/Attributes	14/1/9

Source URLs

	Redirection	Url
Details	Source	https://id-ransomware.blogspot.com/2016/06/raa-ransomware-aes-256-039-250.html

URL Provider

Details	Provider	Source level domain
Details	blogspot.com	id-ransomware.blogspot.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	68		keemail.me
Details	Email	2		raa-consult1@keemail.me
Details	File	1		mgjaxnwanxls_doc_.js
Details	File	351		recycle.bin
Details	File	7		st.exe
Details	File	1		санкции.doc
Details	Windows Registry Key	1		HKCU\RAA\Raa-fnl
Details	Windows Registry Key	188		HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Details	Windows Registry Key	1		HKCU\Hff\Hff-fnl