Sage
Tags
attack-pattern: Data Software - T1592.002
Common Information
Type Value
UUID 72f64fd6-4bba-439f-bf81-6316cd783250
Fingerprint 2656587b40ed137f
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 5, 2016, 6:31 p.m.
Added to db Sept. 26, 2022, 9:32 a.m.
Last updated Nov. 12, 2024, 4:44 p.m.
Headline Ransomware Encryptors The Digest "Crypto-Ransomware"
Title Sage
Detected Hints/Tags/Attributes 25/1/24
Attributes
Details Type #Events CTI Value