New Variant of Sigma Ransomware | Subpoena Scare Users in Russia
Tags
| country: | Russia Ukraine United States Of America |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | 9b7f5361-c49e-407a-b49e-28c70575f619 |
| Fingerprint | 9637e8bd2a01e296 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | June 7, 2018, 9:13 a.m. |
| Added to db | Jan. 18, 2023, 8:22 p.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | From Russia with Subpoena: New Variant of Sigma Ransomware to Scare Users |
| Title | New Variant of Sigma Ransomware | Subpoena Scare Users in Russia |
| Detected Hints/Tags/Attributes | 45/3/44 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | uscourtgove.com |
|
| Details | Domain | 7 | archive.torproject.org |
|
| Details | Domain | 4 | system.zip |
|
| Details | Domain | 1 | uscourtsgov.com |
|
| Details | 1 | kristopher.franko@uscourtsgov.com |
||
| Details | File | 1 | megaloman.doc |
|
| Details | File | 1122 | svchost.exe |
|
| Details | File | 8 | 7.zip |
|
| Details | File | 4 | system.zip |
|
| Details | File | 33 | tor.exe |
|
| Details | IPv4 | 1 | 0.3.0.7 |
|
| Details | IPv4 | 1 | 46.161.42.44 |
|
| Details | IPv4 | 1 | 46.161.42.45 |
|
| Details | IPv4 | 1 | 46.161.42.46 |
|
| Details | IPv4 | 1 | 46.161.42.47 |
|
| Details | IPv4 | 1 | 46.161.42.48 |
|
| Details | IPv4 | 1 | 46.161.42.49 |
|
| Details | IPv4 | 1 | 46.161.42.50 |
|
| Details | IPv4 | 1 | 46.161.42.51 |
|
| Details | IPv4 | 1 | 46.161.42.52 |
|
| Details | IPv4 | 1 | 46.161.42.53 |
|
| Details | IPv4 | 1 | 46.161.42.54 |
|
| Details | IPv4 | 1 | 46.161.42.55 |
|
| Details | IPv4 | 1 | 46.161.42.56 |
|
| Details | IPv4 | 1 | 46.161.42.57 |
|
| Details | IPv4 | 1 | 46.161.42.58 |
|
| Details | IPv4 | 1 | 46.161.42.59 |
|
| Details | IPv4 | 1 | 46.161.42.60 |
|
| Details | IPv4 | 1 | 46.161.42.61 |
|
| Details | IPv4 | 1 | 46.161.42.62 |
|
| Details | IPv4 | 1 | 46.161.42.63 |
|
| Details | IPv4 | 1 | 46.161.42.64 |
|
| Details | IPv4 | 1 | 46.161.42.65 |
|
| Details | IPv4 | 1 | 46.161.42.66 |
|
| Details | IPv4 | 1 | 46.161.42.67 |
|
| Details | IPv4 | 1 | 46.161.42.68 |
|
| Details | IPv4 | 1 | 46.161.42.69 |
|
| Details | IPv4 | 1 | 46.161.42.70 |
|
| Details | IPv4 | 1 | 46.161.42.71 |
|
| Details | IPv4 | 1 | 46.161.42.72 |
|
| Details | IPv4 | 1 | 46.161.42.73 |
|
| Details | IPv4 | 1 | 46.161.42.74 |
|
| Details | IPv4 | 1 | 46.161.42.75 |
|
| Details | Url | 1 | https://archive.torproject.org/tor-package-archive/torbrowser/7.0/tor-win32-0.3.0.7.zip |