ioc[.]one - OSINT Cyber Threat Intelligence Database

Vendetta

Tags

attack-pattern:

Data Software - T1592.002 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	b85f7cc2-20b9-4ae2-9cac-0a34fe112725
Fingerprint	b665597e045d2f1a
Analysis status	DONE
Considered CTI value	0
Text language
Published	Nov. 1, 2018, 2 a.m.
Added to db	Jan. 18, 2023, 7:54 p.m.
Last updated	Nov. 17, 2024, 6:53 p.m.
Headline	Шифровальщики-вымогатели The Digest "Crypto-Ransomware"
Title	Vendetta
Detected Hints/Tags/Attributes	16/1/14

Source URLs

	Redirection	Url
Details	Source	http://id-ransomware.blogspot.com/2018/11/vendetta-ransomware.html

URL Provider

Details	Provider	Source level domain
Details	blogspot.com	id-ransomware.blogspot.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	396		protonmail.com
Details	Domain	129		api.ipify.org
Details	Domain	145		api.telegram.org
Details	Domain	911		any.run
Details	Email	2		decryptfox@protonmail.com
Details	File	13		enc.exe
Details	File	17		files.html
Details	File	5		how_to_decrypt_files.txt
Details	File	3		log.html
Details	File	1		processes.csv
Details	Pdb	1		_enc.pdb
Details	Pdb	1		p:\read\st3\bin\release\_enc.pdb
Details	Url	11		http://api.ipify.org
Details	Url	5		https://api.telegram.org