XZZX CryptoMix
Tags
| attack-pattern: | Data Email Addresses - T1589.002 Server - T1583.004 Server - T1584.004 |
Common Information
| Type | Value |
|---|---|
| UUID | 7a7f8f62-d68f-49c4-a829-1e593238b9e4 |
| Fingerprint | 747dedec1271aaae |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Nov. 13, 2017, 4:03 a.m. |
| Added to db | Jan. 18, 2023, 7:53 p.m. |
| Last updated | Nov. 17, 2024, 10:40 p.m. |
| Headline | Шифровальщики-вымогатели The Digest "Crypto-Ransomware" |
| Title | XZZX CryptoMix |
| Detected Hints/Tags/Attributes | 21/1/19 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://id-ransomware.blogspot.com/2017/11/xzzx-cryptomix-ransomware.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 83 | tuta.io |
|
| Details | Domain | 396 | protonmail.com |
|
| Details | Domain | 155 | yandex.com |
|
| Details | 2 | xzzx@tuta.io |
||
| Details | 2 | xzzx1@protonmail.com |
||
| Details | 2 | xzzx10@yandex.com |
||
| Details | 2 | xzzx101@yandex.com |
||
| Details | File | 1 | 1f241dd811d6ce58200c71ad147db2a0.xz |
|
| Details | File | 1 | 1fde72eb06961662a674e0d3094cfaaa.xz |
|
| Details | File | 1 | 0f9c2d52036d12b016c4400f0623f6f8.xz |
|
| Details | File | 26 | _help_instruction.txt |
|
| Details | File | 2126 | cmd.exe |
|
| Details | File | 409 | c:\windows\system32\cmd.exe |
|
| Details | File | 345 | vssadmin.exe |
|
| Details | File | 15 | background.png |
|
| Details | File | 8 | %userprofile%\downloads\_help_instruction.txt |
|
| Details | md5 | 1 | 1F241DD811D6CE58200C71AD147DB2A0 |
|
| Details | md5 | 1 | 1FDE72EB06961662A674E0D3094CFAAA |
|
| Details | md5 | 1 | 0F9C2D52036D12B016C4400F0623F6F8 |