New Radamant Ransomware Kit adds RDM Extension to Encrypted Files
Common Information
Type Value
UUID 92ee1caf-e18f-437f-be38-a40efee2d3ce
Fingerprint 96f6ab5ba0343e57
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 18, 2015, midnight
Added to db Sept. 26, 2022, 9:32 a.m.
Last updated Nov. 18, 2024, 1:24 p.m.
Headline New Radamant Ransomware Kit adds RDM Extension to Encrypted Files
Title New Radamant Ransomware Kit adds RDM Extension to Encrypted Files
Detected Hints/Tags/Attributes 49/1/8
Attributes
Type #Events Value
Domain 2 crazytrevor.com
Domain 2 crazytrevor.in
File 2 c:\windows\directx.exe
File 1 mask.php
File 2130 cmd.exe
File 3 your_files.url
Windows Registry Key 2 HKCU\Software\Microsoft\Windows\CurrentVersion\Run\svchost
Windows Registry Key 2 HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\svchost