ioc[.]one - OSINT Cyber Threat Intelligence Database

SamSam - The Evolution Continues Netting Over $325,000 in 4 Weeks

Tags

attack-pattern:

Data Model Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Vnc - T1021.005 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	6f77aa8a-034f-4dd0-8228-6a129ec3e274
Fingerprint	2430bad1f5348fc7
Analysis status	DONE
Considered CTI value	2
Text language
Published	Jan. 22, 2018, 12:29 p.m.
Added to db	Sept. 26, 2022, 9:31 a.m.
Last updated	Oct. 16, 2024, 3:05 a.m.
Headline	Vulnerability Information
Title	SamSam - The Evolution Continues Netting Over $325,000 in 4 Weeks
Detected Hints/Tags/Attributes	56/1/18

Source URLs

	Redirection	Url
Details	Source	http://blog.talosintelligence.com/2018/01/samsam-evolution-continues-netting-over.html
Details	Source	https://blog.talosintelligence.com/2018/01/samsam-evolution-continues-netting-over.html

URL Provider

Details	Provider	Source level domain
Details	talosintelligence.com	blog.talosintelligence.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	6		codeproject.com
Details	Domain	2		jcmi5n4c3mvgtyt5.onion
Details	Domain	16		www.codeproject.com
Details	File	1		dotnetcrypto.aspx
Details	sha256	1		0785bb93fdb219ea8cb1673de1166bea839da8ba6d7312284d2a08bd41e38cb9
Details	sha256	2		338fdf3626aa4a48a5972f291aacf3d6172dd920fe16ac4da4dd6c5b999d2f13
Details	sha256	1		3531bb1077c64840b9c95c45d382448abffa4f386ad88e125c96a38166832252
Details	sha256	1		4856f898cd27fd2fed1ea33b4d463a6ae89a9ccee49b134ea8b5492cb447fb75
Details	sha256	1		516fb821ee6c19cf2873e637c21be7603e7a39720c7d6d71a8c19d8d717a2495
Details	sha256	1		72832db9b951663b8f322778440b8720ea95cde0349a1d26477edd95b3915479
Details	sha256	1		754fab056e0319408227ad07670b77dde2414597ff5e154856ecae5e14415e1a
Details	sha256	1		88d24b497cfeb47ec6719752f2af00c802c38e7d4b5d526311d552c6d5f4ad34
Details	sha256	2		88e344977bf6451e15fe202d65471a5f75d22370050fe6ba4dfa2c2d0fae7828
Details	sha256	1		8eabfa74d88e439cfca9ccabd0ee34422892d8e58331a63bea94a7c4140cf7ab
Details	sha256	1		8f803b66f6c6bc4da9211a2c4c4c5b46a113201ecaf056d35cad325ec4054656
Details	sha256	1		dabc0f171b55f4aff88f32871374bf09da83668e1db2d2c18b0cd58ed04f0707
Details	sha256	1		e7bebd1b1419f42293732c70095f35c8310fa3afee55f1df68d4fe6bbee5397e
Details	Url	1		https://www.codeproject.com/kb/security/dotnetcrypto.aspx?msg=1790665