Thanatos Ransomware Is First to Use Bitcoin Cash. Messes Up Encryption
Tags
attack-pattern: Data Email Addresses - T1589.002 Malware - T1587.001 Malware - T1588.001 Software - T1592.002 Tool - T1588.002 Vulnerabilities - T1588.006 Brute Force - T1110
Show in Graph
Common Information
Type Value
UUID a9203e4c-fcd0-4a34-9220-d59f556a2109
Fingerprint 147600781565ba13
Analysis status DONE
Considered CTI value 0
Text language
Published Feb. 26, 2018, midnight
Added to db Sept. 26, 2022, 9:31 a.m.
Last updated Nov. 17, 2024, 6:49 p.m.
Headline Thanatos Ransomware Is First to Use Bitcoin Cash. Messes Up Encryption
Title Thanatos Ransomware Is First to Use Bitcoin Cash. Messes Up Encryption
Detected Hints/Tags/Attributes 34/1/9
Source URLs
Redirection Url
Details Source https://www.bleepingcomputer.com/news/security/thanatos-ransomware-is-first-to-use-bitcoin-cash-messes-up-encryption/
URL Provider
Details Provider Source level domain
Details bleepingcomputer.com www.bleepingcomputer.com
Attributes
Details Type #Events CTI Value
Details Domain 14 
iplogger.com
Details Domain 155 
yandex.com
Details Email 2 
thanatos1.1@yandex.com
Details File 74 
test.jpg
Details File 367 
readme.txt
Details File 33 
c:\windows\system32\notepad.exe
Details File 3 
%userprofile%\desktop\readme.txt
Details sha256 2 
fe1eafb8e31a84c14ad5638d5fd15ab18505efe4f1becaa36eb0c1d75cd1d5a9
Details Windows Registry Key 582 
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run