ioc[.]one - OSINT Cyber Threat Intelligence Database

Ransomware GandCrab Version 5 Partners With Crypter Service for Obfuscation | McAfee Blog

Tags

maec-delivery-vectors:

Watering Hole

attack-pattern:

Data Direct Botnet - T1583.005 Botnet - T1584.005 Exploits - T1587.004 Exploits - T1588.005 File And Directory Discovery - T1420 File Deletion - T1070.004 File Deletion - T1630.002 Malware - T1587.001 Malware - T1588.001 Process Discovery - T1424 System Information Discovery - T1426 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Execution Through Api - T1106 File And Directory Discovery - T1083 File Deletion - T1107 Modify Registry - T1112 Powershell - T1086 Process Discovery - T1057 Query Registry - T1012 System Information Discovery - T1082 Execution Through Api

Show in Graph

Common Information

Type	Value
UUID	b5a8cdc2-521a-42aa-b06e-f7bd8bf9cbef
Fingerprint	b5b439a5ada2b782
Analysis status	DONE
Considered CTI value	2
Text language
Published	Oct. 10, 2018, 11:29 p.m.
Added to db	Dec. 21, 2022, 4:44 p.m.
Last updated	Nov. 17, 2024, 5:57 p.m.
Headline	Ransomware GandCrab Version 5 Partners With Crypter Service for Obfuscation
Title	Ransomware GandCrab Version 5 Partners With Crypter Service for Obfuscation \| McAfee Blog
Detected Hints/Tags/Attributes	69/2/15

Source URLs

	Redirection	Url
Details	Source	https://www.mcafee.com/blogs/other-blogs/mcafee-labs/rapidly-evolving-ransomware-gandcrab-version-5-partners-with-crypter-service-for-obfuscation/

URL Provider

Details	Provider	Source level domain
Details	mcafee.com	www.mcafee.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	504	✔	—	https://blogs.mcafee.com/tag/cybercrime/feed	2024-08-31 10:08

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	19		cve-2018-8440
Details	CVE	32		cve-2018-8120
Details	Domain	1373		twitter.com
Details	Domain	42		mcafee.com
Details	File	3		xpsprint.dll
Details	File	4		pidor.bmp
Details	md5	2		e168e9e0f4f631bafc47ddf23c9848d7
Details	md5	1		6884e3541834cc5310a3733f44b38910
Details	md5	1		2d351d67eab01124b7189c02cff7595f
Details	md5	1		41c673415dabbfa63905ff273bdc34e9
Details	md5	1		1e8226f7b587d6cd7017f789a96c4a65
Details	md5	1		fb25dfd638b1b3ca042a9902902a5ff9
Details	md5	1		df1a09dd1cc2f303a8b3d5097e53400b
Details	IPv4	4		92.63.197.48
Details	Url	1		https://twitter.com/sandboxescaper.