ProLock
Tags
| attack-pattern: | Data Powershell - T1059.001 Software - T1592.002 Tool - T1588.002 Powershell - T1086 |
Common Information
| Type | Value |
|---|---|
| UUID | 9818104c-89a2-4c36-a1a6-54328f8588ed |
| Fingerprint | 3664707e5a343132 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | March 17, 2020, 11:26 a.m. |
| Added to db | Sept. 26, 2022, 9:34 a.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | Шифровальщики-вымогатели The Digest "Crypto-Ransomware" |
| Title | ProLock |
| Detected Hints/Tags/Attributes | 41/1/16 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://id-ransomware.blogspot.com/2020/03/prolock-ransomware.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 179 | www.torproject.org |
|
| Details | Domain | 1 | msaoyrayohnp32tcgwcanhjouetb5k54aekgnwg7dcvtgtecpumrxpqd.onion |
|
| Details | Domain | 396 | protonmail.com |
|
| Details | Domain | 911 | any.run |
|
| Details | 1 | chec1kyourf1les@protonmail.com |
||
| Details | File | 249 | schtasks.exe |
|
| Details | File | 3 | c:\programdata\winmgr.xml |
|
| Details | File | 4 | c:\programdata\run.bat |
|
| Details | File | 5 | winmgr.bmp |
|
| Details | File | 345 | vssadmin.exe |
|
| Details | File | 4 | winmgr.xml |
|
| Details | File | 26 | run.bat |
|
| Details | File | 15 | clean.bat |
|
| Details | File | 3 | c:\programdata\winmgr.bmp |
|
| Details | File | 3 | c:\programdata\clean.bat |
|
| Details | Url | 63 | https://www.torproject.org |