ioc[.]one - OSINT Cyber Threat Intelligence Database

Ransomware Roundup – Dark Power and PayMe100USD Ransomware | FortiGuard Labs

Tags

cmtmf-attack-pattern:	Supply Chain Compromise
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Datasets Malware - T1587.001 Malware - T1588.001 Network Devices - T1584.008 Phishing - T1660 Phishing - T1566 Python - T1059.006 Supply Chain Compromise - T1474 Supply Chain Compromise - T1195 Supply Chain Compromise

Show in Graph

Common Information

Type	Value
UUID	9c1d7de0-1701-43bb-a6ab-9caee7de158e
Fingerprint	a570a85b2671225e
Analysis status	DONE
Considered CTI value	2
Text language
Published	March 30, 2023, 1:51 p.m.
Added to db	March 30, 2023, 6:29 p.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	Ransomware Roundup – Dark Power and PayMe100USD Ransomware
Title	Ransomware Roundup – Dark Power and PayMe100USD Ransomware \| FortiGuard Labs
Detected Hints/Tags/Attributes	70/3/51

Source URLs

	Redirection	Url
Details	Redirection	https://feeds.fortinet.com/~/733248764/0/fortinet/blog/threat-research~Ransomware-Roundup-%E2%80%93-Dark-Power-and-PayMeUSD-Ransomware
Details	Source	https://www.fortinet.com/blog/threat-research/dark-power-and-payme100usd-ransomware
Details	Source	https://www.fortinet.com/blog/threat-research/dark-power-and-payme100usd-ransomware?&web_view=true

URL Provider

Details	Provider	Source level domain
Details	fortinet.com	www.fortinet.com
Details	fortinet.com	feeds.fortinet.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	99	✔	Cyware News - Latest Cyber News	https://cyware.com/allnews/feed	2024-08-30 22:08
Details	313	✔	Fortinet All Blogs	https://www.fortinet.com/bin/fortinet/blog-feed	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	File	117	taskmgr.exe
Details	File	57	encsvc.exe
Details	File	92	powerpnt.exe
Details	File	57	ocssd.exe
Details	File	99	steam.exe
Details	File	54	isqlplussvc.exe
Details	File	173	outlook.exe
Details	File	27	sql.exe
Details	File	57	ocomm.exe
Details	File	57	agntsvc.exe
Details	File	102	mspub.exe
Details	File	74	onenote.exe
Details	File	323	winword.exe
Details	File	58	thebat.exe
Details	File	199	excel.exe
Details	File	57	mydesktopqos.exe
Details	File	57	ocautoupds.exe
Details	File	63	thunderbird.exe
Details	File	57	synctime.exe
Details	File	52	infopath.exe
Details	File	60	mydesktopservice.exe
Details	File	199	firefox.exe
Details	File	67	oracle.exe
Details	File	55	sqbcoreservice.exe
Details	File	58	dbeng50.exe
Details	File	55	tbirdconfig.exe
Details	File	91	msaccess.exe
Details	File	86	visio.exe
Details	File	61	dbsnmp.exe
Details	File	90	wordpad.exe
Details	File	56	xfssvccon.exe
Details	File	9	readme.pdf
Details	File	1	ef.exe
Details	File	143	thumbs.db
Details	File	99	bootsect.bak
Details	File	243	autorun.inf
Details	File	100	ntuser.dat.log
Details	File	120	boot.ini
Details	File	101	iconcache.db
Details	File	90	bootfont.bin
Details	File	193	ntuser.dat
Details	File	66	ntuser.ini
Details	File	196	desktop.ini
Details	File	351	recycle.bin
Details	File	1	newbing.exe
Details	File	88	1.txt
Details	File	7	8.txt
Details	sha256	5	33c5b4c9a6c24729bb10165e34ae1cd2315cfce5763e65167bd58a57fde9a389
Details	sha256	7	11ddebd9b22a3a21be11908feda0ea1e1aa97bc67b2dfefe766fcea467367394
Details	sha256	1	c2aa5d89d1fb63c65806a789f529daf774ceff411338c43438ea6c0175e10fd0
Details	sha256	1	4daca38854ba0a471d25250f106122ff81b8bbda2b19569a9e0b6e7f56187746