SymmyWare
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data |
Common Information
| Type | Value |
|---|---|
| UUID | b057da91-3465-4811-88dc-02b881eb76c2 |
| Fingerprint | 3e6521ef001c0b9b |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 1, 2018, 11:33 a.m. |
| Added to db | Jan. 18, 2023, 7:54 p.m. |
| Last updated | Nov. 15, 2024, 4:38 p.m. |
| Headline | Шифровальщики-вымогатели The Digest "Crypto-Ransomware" |
| Title | SymmyWare |
| Detected Hints/Tags/Attributes | 32/2/23 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://id-ransomware.blogspot.com/2018/11/symmyware-ransomware.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | packed.obsidium.as |
|
| Details | Domain | 11 | win32.trojan.raas.auto |
|
| Details | Domain | 162 | localbitcoins.com |
|
| Details | Domain | 89 | protonmail.ch |
|
| Details | Domain | 3 | fairybreathes.6te.net |
|
| Details | Domain | 911 | any.run |
|
| Details | 1 | simmyware@protonmail.ch |
||
| Details | File | 25 | ransom.msi |
|
| Details | File | 1 | simmyware.txt |
|
| Details | File | 122 | psexec.exe |
|
| Details | File | 1 | hybrdfjoidluty.exe |
|
| Details | File | 1 | jismldfmbgdef.exe |
|
| Details | File | 1 | watadminsvc.exe |
|
| Details | File | 1 | %temp%\65f3.tmp |
|
| Details | File | 1 | 6604.bat |
|
| Details | File | 1 | c:\jismldfmbgdef.exe |
|
| Details | File | 1 | symmyware.txt |
|
| Details | File | 1 | c:\users\admin\appdata\roaming\microsoft\word\startup\symmyware.txt |
|
| Details | File | 1 | ky.exe |
|
| Details | File | 1 | %temp%\psexec.exe |
|
| Details | File | 1 | %temp%\hybrdfjoidluty.exe |
|
| Details | Pdb | 1 | hybrdfjoidluty.pdb |
|
| Details | Pdb | 1 | d:\delphi\hybrdfjoidluty\hybrdfjoidluty\hybrdfjoidluty\obj\x86\release\hybrdfjoidluty.pdb |