BandarChor, Rakhni 2015
Tags
country: India
attack-pattern: Data Control Panel - T1218.002
Common Information
Type Value
UUID: 9496c224-86d1-4b2e-a703-f96ce4eb898f
Fingerprint: be35087718e1186b
Analysis status: DONE
Considered CTI value: 0
Text language:
Published: March 4, 2015, 10:32 p.m.
Added to db: Sept. 26, 2022, 9:32 a.m.
Last updated: Nov. 17, 2024, 5:54 p.m.
Headline: Encrypting Ransomware The Digest "Crypto-Ransomware"
Title: BandarChor, Rakhni 2015
Detected Hints/Tags/Attributes: 25/2/71
Attributes
Details Type #Events CTI Value