Scarab-DiskDoctor
Tags
country: | Turkey |
attack-pattern: | Data Software - T1592.002 |
Common Information
Type | Value |
---|---|
UUID | a21b41a1-c5e2-4fe1-b541-fe6745b16d94 |
Fingerprint | 36a4797b2b76fb83 |
Analysis status | DONE |
Considered CTI value | 0 |
Text language | |
Published | June 2, 2018, 11:30 a.m. |
Added to db | Jan. 18, 2023, 7:54 p.m. |
Last updated | Nov. 17, 2024, 10:40 p.m. |
Headline | Шифровальщики-вымогатели The Digest "Crypto-Ransomware" |
Title | Scarab-DiskDoctor |
Detected Hints/Tags/Attributes | 37/2/18 |
Source URLs
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 396 | protonmail.com |
|
Details | Domain | 911 | any.run |
|
Details | 1 | diskdoctor@protonmail.com |
||
Details | 1 | mammon-decrypt@protonmail.com |
||
Details | 1 | decoder-help@protonmail.com |
||
Details | File | 49 | process.exe |
|
Details | File | 140 | files.txt |
|
Details | File | 2126 | cmd.exe |
|
Details | File | 43 | wbadmin.exe |
|
Details | File | 240 | wmic.exe |
|
Details | File | 345 | vssadmin.exe |
|
Details | File | 105 | bcdedit.exe |
|
Details | File | 351 | recycle.bin |
|
Details | File | 1 | localsecurityauthorityprocess.bak |
|
Details | File | 1 | %appdata%\local security authority process.exe |
|
Details | File | 1 | проблема.txt |
|
Details | File | 1 | files1.txt |
|
Details | File | 1 | files2.txt |