Cloud Malware Fan-out with Virlock Ransomware
Tags
attack-pattern: Data Cloud Account - T1087.004 Cloud Account - T1136.003 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Software - T1592.002
Show in Graph
Common Information
Type Value
UUID 95ef424c-1f9e-4a3f-ba71-25ea6eeb14f7
Fingerprint 765798caa7f68609
Analysis status DONE
Considered CTI value 2
Text language
Published Sept. 27, 2016, 1 p.m.
Added to db Jan. 18, 2023, 11:31 p.m.
Last updated Nov. 8, 2024, 11:30 a.m.
Headline Cloud Malware Fan-out with Virlock Ransomware
Title Cloud Malware Fan-out with Virlock Ransomware
Detected Hints/Tags/Attributes 31/1/11
Source URLs
Redirection Url
Details Source https://www.netskope.com/blog/cloud-malware-fan-virlock-ransomware/
URL Provider
Details Provider Source level domain
Details netskope.com www.netskope.com
Attributes
Details Type #Events CTI Value
Details Domain 1 
pe.pe.gn
Details File 1 
ooqywkqi.exe
Details File 1 
pwgoomeg.exe
Details File 1 
uqmsiwoy.exe
Details File 1 
hello-world.pdf
Details md5 1 
28E8B1E88CC8AA33C5AE49299C24A460
Details md5 1 
DF0B3DD3E412EF5373372EA207577C00
Details md5 1 
DE2297B150DA6785A301F690C909F96D
Details md5 1 
F0286F192D8E0A58F19FC887AAA8B2C0
Details Windows Registry Key 3 
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
Details Windows Registry Key 17 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System