ioc[.]one - OSINT Cyber Threat Intelligence Database

Keeping an Eye on Encryptor RaaS

Tags

country:	Germany
attack-pattern:	Data Botnet - T1583.005 Botnet - T1584.005 Malware - T1587.001 Malware - T1588.001 Software - T1592.002

Show in Graph

Common Information

Type	Value
UUID	be51f319-0f51-4817-9133-a8315294fe1c
Fingerprint	a732823a47ffa65c
Analysis status	DONE
Considered CTI value	2
Text language
Published	Nov. 17, 2015, midnight
Added to db	Jan. 18, 2023, 11:18 p.m.
Last updated	Nov. 17, 2024, 12:57 p.m.
Headline	Keeping an Eye on Encryptor RaaS
Title	Keeping an Eye on Encryptor RaaS
Detected Hints/Tags/Attributes	66/2/10

Source URLs

	Redirection	Url
Details	Source	https://www.fortinet.com/blog/threat-research/keeping-an-eye-on-encryptor-raas.html

URL Provider

Details	Provider	Source level domain
Details	fortinet.com	www.fortinet.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	1		5jua3omslrbkks4c.onion.link
Details	Domain	1		evilzone.org
Details	Domain	1		raas.td
Details	File	96		wallet.dat
Details	File	3		electrum.dat
Details	File	2		readme_liesmich_encryptor_raas.txt
Details	md5	1		00c4c3946ec03c915cfe4cbddffe93da
Details	md5	1		f84d54b351b7926106ef377b06423734
Details	md5	1		762a96d79e747457e086e6812816b0aa
Details	Windows Registry Key	582		HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run