Another one for the collection - mespinoza (pysa) ransomware
Common Information

| Type | Value |
| --- | --- |
| UUID | c12a3fe4-e311-4fa0-a7a9-eb71c906f039 |
| Fingerprint | 3627d8b566cb2654 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Dec. 14, 2019, midnight |
| Added to db | Sept. 26, 2022, 9:31 a.m. |
| Last updated | Nov. 17, 2024, 5:54 p.m. |
| Headline | Another one for the collection - Mespinoza (Pysa) Ransomware |
| Title | Another one for the collection - mespinoza (pysa) ransomware |
| Detected Hints/Tags/Attributes | 44/1/20 |
Attributes

| Type | Value | #Events | CTI Value |
| --- | --- | --- | --- |
| Domain | protonmail.com | 396 | |
| Email | raingemaximo@protonmail.com | 2 | |
| Email | gareth.mckie3l@protonmail.com | 1 | |
| Email | aireyeric@protonmail.com | 2 | |
| Email | ellershaw.kiley@protonmail.com | 2 | |
| Email | mespinoza980@protonmail.com | 3 | |
| Email | alanson_street8@protonmail.com | 2 | |
| Email | lambchristoffer@protonmail.com | 2 | |
| File | verclsid.exe | 17 | |
| File | c:\windows\system32\searchfolder.dll | 1 | |
| File | c:\windows\system32\verclsid.exe | 1 | |
| File | 1.exe | 156 | |
| File | 1.bin | 7 | |
| File | %temp%\update.bat | 1 | |
| sha256 | a18c85399cd1ec3f1ec85cd66ff2e97a0dcf7ccb17ecf697a5376da8eda4d327 | 1 | |
| sha256 | e9662b468135f758a9487a1be50159ef57f3050b753de2915763b4ed78839ead | 1 | |
| MITRE ATT&CK Techniques | T1215 | 9 | |
| MITRE ATT&CK Techniques | T1045 | 29 | |
| MITRE ATT&CK Techniques | T1012 | 501 | |
| MITRE ATT&CK Techniques | T1114 | 89 | |