Petya Ransomware | CISA
Tags
Common Information
| Type | Value |
|---|---|
| UUID | b84fe65a-69b9-475c-89e7-3d5054504535 |
| Fingerprint | 95143b5faeffa381 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | July 1, 2017, midnight |
| Added to db | Sept. 26, 2022, 9:31 a.m. |
| Last updated | Nov. 17, 2024, 5:56 p.m. |
| Headline | Alert (TA17-181A) |
| Title | Petya Ransomware | CISA |
| Detected Hints/Tags/Attributes | 84/2/27 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.us-cert.gov/ncas/alerts/TA17-181A |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 126 | cve-2017-0144 |
|
| Details | CVE | 35 | cve-2017-0145 |
|
| Details | CVE | 5 | cve-2009-3103 |
|
| Details | Domain | 145 | www.us-cert.gov |
|
| Details | Domain | 1 | mischapuk6hyrn72.onion |
|
| Details | Domain | 1 | petya3jxfp2f7g3i.onion |
|
| Details | Domain | 1 | petya3sen7dyko2n.onion |
|
| Details | Domain | 2 | mischa5xyix2mrhd.onion |
|
| Details | Domain | 10 | hq.dhs.gov |
|
| Details | Domain | 167 | www.ic3.gov |
|
| Details | 7 | ncciccustomerservice@hq.dhs.gov |
||
| Details | File | 122 | psexec.exe |
|
| Details | File | 70 | e.doc |
|
| Details | File | 8 | srv2.sys |
|
| Details | File | 82 | default.aspx |
|
| Details | File | 1 | mifr-10130295_stix.xml |
|
| Details | File | 1 | ta-17-181b_iocs.csv |
|
| Details | File | 1 | ta-17-181a_iocs.csv |
|
| Details | Url | 1 | https://www.us-cert.gov/grizzlysteppe. |
|
| Details | Url | 1 | http://mischapuk6hyrn72.onion |
|
| Details | Url | 1 | http://petya3jxfp2f7g3i.onion |
|
| Details | Url | 1 | http://petya3sen7dyko2n.onion |
|
| Details | Url | 1 | http://mischa5xyix2mrhd.onion/mz2mmj |
|
| Details | Url | 1 | http://mischapuk6hyrn72.onion/mz2mmj |
|
| Details | Url | 1 | http://petya3jxfp2f7g3i.onion/mz2mmj |
|
| Details | Url | 1 | http://petya3sen7dyko2n.onion/mz2mmj |
|
| Details | Url | 1 | https://www.ic3.gov/default.aspx |