TrumpLocker
Tags
| attack-pattern: | Data Msbuild - T1127.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | aaa5c64b-bec7-471d-8268-0fc160826eb9 |
| Fingerprint | 36554a7e5567fa37 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Feb. 22, 2017, 7:50 a.m. |
| Added to db | Sept. 26, 2022, 9:32 a.m. |
| Last updated | Nov. 17, 2024, 5:57 p.m. |
| Headline | Шифровальщики-вымогатели The Digest "Crypto-Ransomware" |
| Title | TrumpLocker |
| Detected Hints/Tags/Attributes | 69/1/32 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 622 | en.wikipedia.org |
|
| Details | Domain | 54 | mail2tor.com |
|
| Details | Domain | 132 | blockchain.info |
|
| Details | Domain | 162 | localbitcoins.com |
|
| Details | Domain | 27 | coincafe.com |
|
| Details | Domain | 23 | btcdirect.eu |
|
| Details | Domain | 39 | cex.io |
|
| Details | Domain | 15 | coinmama.com |
|
| Details | Domain | 18 | howtobuybitcoins.info |
|
| Details | Domain | 4 | perfectmoney.is |
|
| Details | Domain | 4 | pmbitcoin.com |
|
| Details | Domain | 65 | imgur.com |
|
| Details | Domain | 285 | microsoft.net |
|
| Details | Domain | 1 | 3q27hfpradjovwyo.onion.cab |
|
| Details | File | 140 | files.txt |
|
| Details | File | 133 | blockchain.inf |
|
| Details | File | 18 | howtobuybitcoins.inf |
|
| Details | File | 1 | g4ly4ad.jpg |
|
| Details | File | 1 | myfiies.txt |
|
| Details | File | 5 | c:\\windows\\system32\\wbem\\wmic.exe |
|
| Details | File | 1 | trumplocker.exe |
|
| Details | File | 3 | ransomnote.exe |
|
| Details | File | 14 | bg.jpg |
|
| Details | File | 1 | c:\users\user_name\desktop\what happen to my files.txt |
|
| Details | File | 1 | c:\users\user_name\g4ly4ad.jpg |
|
| Details | File | 1 | c:\users\user_name\desktop\ransomnote.exe |
|
| Details | File | 29 | onion.cab |
|
| Details | Url | 23 | https://en.wikipedia.org/wiki/rsa_ |
|
| Details | Url | 22 | https://blockchain.info |
|
| Details | Url | 4 | https://perfectmoney.is |
|
| Details | Url | 4 | https://pmbitcoin.com/btc |
|
| Details | Windows Registry Key | 1 | HKCU\Software\Microsoft\Windows\CurrentVersion\Run\TheTrumpLocker |