Rewterz Threat Advisory – New Variant of Satan Ransomware - Rewterz
Tags
Common Information
| Type | Value |
|---|---|
| UUID | c08bbe7c-374f-4298-affe-5b3f1a5e7be1 |
| Fingerprint | 5f958305d73130d |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | July 5, 2018, 9:48 p.m. |
| Added to db | Dec. 19, 2024, 4:12 a.m. |
| Last updated | Dec. 23, 2024, 11:16 a.m. |
| Headline | Rewterz Threat Advisory – New Variant of Satan Ransomware |
| Title | Rewterz Threat Advisory – New Variant of Satan Ransomware - Rewterz |
| Detected Hints/Tags/Attributes | 50/1/37 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 15 | cve-2017-12149 |
|
| Details | CVE | 86 | cve-2017-10271 |
|
| Details | CVE | 51 | cve-2017-0143 |
|
| Details | Domain | 260 | mail.ru |
|
| Details | Domain | 87 | rewterz.com |
|
| Details | 4 | satan_pro@mail.ru |
||
| Details | 32 | info@rewterz.com |
||
| Details | File | 3 | sts.exe |
|
| Details | File | 3 | down64.dll |
|
| Details | File | 249 | certutil.exe |
|
| Details | File | 1 | c:\satan.exe |
|
| Details | File | 3 | satan.exe |
|
| Details | File | 2 | c:\_how_to_decrypt_files.txt |
|
| Details | File | 2 | clist1.jsp |
|
| Details | sha256 | 2 | 3e3f8570c11dff0b5a0e061eae6bdd66cf9fa01d815658a0589d98873500358d |
|
| Details | sha256 | 4 | 15ffbb8d382cd2ff7b0bd4c87a7c0bffd1541c2fe86865af445123bc0b770d13 |
|
| Details | sha256 | 3 | b556b5c077e38dcb65d21a707c19618d02e0a65ff3f9887323728ec078660cc3 |
|
| Details | sha256 | 3 | 15292172a83f2e7f07114693ab92753ed32311dfba7d54fe36cc7229136874d9 |
|
| Details | sha256 | 3 | 0439628816cabe113315751e7113a9e9f720d7e499ffdd78acbac1ed8ba35887 |
|
| Details | sha256 | 2 | 93027b47ef0b6f7d933017320951bbbeef792a8f1bc43b3fe96c2b61f1dc2636 |
|
| Details | sha256 | 3 | cde45f7ff05f52b7215e4b0ea1f2f42ad9b42031e16a3be9772aa09e014bacdb |
|
| Details | sha256 | 32 | 85b936960fbe5100c170b777e1647ce9f0f01e3ab9742dfc23f37cb0825b30b5 |
|
| Details | sha256 | 3 | ca63dbb99d9da431bf23aca80dc787df67bb01104fb9358a7813ed2fce479362 |
|
| Details | sha256 | 3 | db0831e19a4e3a736ea7498dadc2d6702342f75fd8f7fbae1894ee2e9738c2b4 |
|
| Details | sha256 | 3 | aa8adf96fc5a7e249a6a487faaf0ed3e00c40259fdae11d4caf47a24a9d3aaed |
|
| Details | sha256 | 3 | be8eb97d8171b8c91c6bc420346f7a6d2d2f76809a667ade03c990feffadaad5 |
|
| Details | sha256 | 3 | 0259d41720f7084716a3b2bbe34ac6d3021224420f81a4e839b0b3401e5ef29f |
|
| Details | sha256 | 3 | 50f329e034db96ba254328cd1e0f588af6126c341ed92ddf4aeb96bc76835937 |
|
| Details | sha256 | 3 | aceb27720115a63b9d47e737fd878a61c52435ea4ec86ba8e58ee744bc85c4f3 |
|
| Details | sha256 | 3 | cf25bdc6711a72713d80a4a860df724a79042be210930dcbfc522da72b39bb12 |
|
| Details | sha256 | 3 | b7d8fcc3fb533e5e0069e00bc5a68551479e54a990bb1b658e1bd092c0507d68 |
|
| Details | sha256 | 3 | b2a3172a1d676f00a62df376d8da805714553bb3221a8426f9823a8a5887daaa |
|
| Details | sha256 | 3 | f0df80978b3a563077def7ba919e2f49e5883d24176e6b3371a8eef1efe2b06a |
|
| Details | sha256 | 3 | 5f30aa2fe338191b972705412b8043b0a134cdb287d754771fc225f2309e82ee |
|
| Details | sha256 | 2 | cf12eca0e10dc3370d7917e7678dc09629240d3e7cc71c5ac0df68576bea0682 |
|
| Details | IPv4 | 2 | 45.124.132.119 |
|
| Details | MITRE ATT&CK Techniques | 524 | T1105 |