ioc[.]one - OSINT Cyber Threat Intelligence Database

Diving into the Sun — SunCrypt: A new neighbour in the ransomware mafia

Tags

cmtmf-attack-pattern:	Obfuscated Files Or Information Process Injection
country:	Germany France Spain Laos
attack-pattern:	Data Model File And Directory Discovery - T1420 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Obfuscated Files Or Information - T1406 System Information Discovery - T1426 Powershell - T1059.001 Process Injection - T1631 Software - T1592.002 System Checks - T1633.001 System Checks - T1497.001 Virtualization/Sandbox Evasion - T1497 Virtualization/Sandbox Evasion - T1633 Execution Through Module Load - T1129 File And Directory Discovery - T1083 Obfuscated Files Or Information - T1027 Powershell - T1086 Process Injection - T1055 System Information Discovery - T1082 System Owner/User Discovery - T1033

Show in Graph

Common Information

Type	Value
UUID	b3967980-3f8b-4ad8-bc72-3e46454c78b8
Fingerprint	1c1298f0cde786d3
Analysis status	DONE
Considered CTI value	2
Text language
Published	Feb. 1, 2021, 6:11 p.m.
Added to db	Sept. 26, 2022, 9:31 a.m.
Last updated	Nov. 18, 2024, 1:38 a.m.
Headline	Diving into the Sun — SunCrypt: A new neighbour in the ransomware mafia
Title	Diving into the Sun — SunCrypt: A new neighbour in the ransomware mafia
Detected Hints/Tags/Attributes	101/3/22

Source URLs

	Redirection	Url
Details	Source	https://medium.com/@sapphirex00/diving-into-the-sun-suncrypt-a-new-neighbour-in-the-ransomware-mafia-d89010c9df83

URL Provider

Details	Provider	Source level domain
Details	medium.com	medium.com

Attributes

Details	Type	#Events	Value
Details	File	1209	powershell.exe
Details	File	351	recycle.bin
Details	File	9	your_files_are_encrypted.html
Details	File	229	advapi32.dll
Details	md5	2	c171bcd34151cbcd48edbce13796e0ed
Details	md5	1	479712042d7ad6600cbe2d1e5bc2fa88
Details	md5	1	0a0882b8da225406cc838991b5f67d11
Details	md5	1	3d756f9715a65def4a302f5008b03809
Details	md5	5	d87fcd8d2bf450b0056a151e9a116f72
Details	md5	1	b3ac4c0e5b64991f0a8c0add8cd6654c
Details	sha256	1	c75d83161c3768477c859b15cfe3f6c7bf707976bfed511af7015d04f7066558
Details	sha256	1	695c567285a5b331dcf1d61bb291ce850e92c57111678fe79a2e5c2e399c9310
Details	IPv4	6	91.218.114.31
Details	IPv4	3	91.218.114.30
Details	MITRE ATT&CK Techniques	1	T0127
Details	MITRE ATT&CK Techniques	238	T1497
Details	MITRE ATT&CK Techniques	585	T1083
Details	MITRE ATT&CK Techniques	1006	T1082
Details	MITRE ATT&CK Techniques	230	T1033
Details	MITRE ATT&CK Techniques	120	T1129
Details	Url	4	http://91.218.114.31
Details	Url	3	http://91.218.114.30