The first cryptor to exploit Telegram
Tags
country: Russia
attack-pattern: Data Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002
Show in Graph
Common Information
Type Value
UUID 8db8f84c-587f-49e7-83eb-76ac224e4540
Fingerprint 9695181bed7c04d1
Analysis status DONE
Considered CTI value 0
Text language
Published Nov. 8, 2016, 10:52 a.m.
Added to db Sept. 26, 2022, 9:32 a.m.
Last updated Nov. 17, 2024, 6:53 p.m.
Headline The first cryptor to exploit Telegram
Title The first cryptor to exploit Telegram
Detected Hints/Tags/Attributes 34/2/7
Source URLs
Redirection Url
Details Source https://securelist.com/blog/research/76558/the-first-cryptor-to-exploit-telegram/
URL Provider
Details Provider Source level domain
Details securelist.com securelist.com
Attributes
Details Type #Events CTI Value
Details Domain 145 
api.telegram.org
Details Domain 2 
yandex.money
Details File 2 
%userprofile%\desktop\база зашифр файлов.txt
Details File 2 
xhelp.exe
Details md5 2 
3e24d064025ec20d6a8e8bae1d19ecdb
Details md5 1 
14d4bc13a12f8243383756de92529d6d
Details Url 33 
https://api.telegram.org/bot