GpCode Ransomware 2010 Simple Analysis
Tags
| country: | France |
| attack-pattern: | Data Model Malware - T1587.001 Malware - T1588.001 |
Common Information
| Type | Value |
|---|---|
| UUID | c77c7d7d-9965-43cb-9371-18a413a37e44 |
| Fingerprint | bb353212e48994c4 |
| Analysis status | DONE |
| Considered CTI value | 1 |
| Text language | |
| Published | Jan. 30, 2011, 1:03 a.m. |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Nov. 12, 2024, 11:51 a.m. |
| Headline | XyliBox |
| Title | GpCode Ransomware 2010 Simple Analysis |
| Detected Hints/Tags/Attributes | 51/2/18 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://www.xylibox.com/2011/01/gpcode-ransomware-2010-simple-analysis.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 45 | www.securelist.com |
|
| Details | Domain | 3 | fastmail.fm |
|
| Details | Domain | 1 | windows.inc |
|
| Details | Domain | 1 | libname.inc |
|
| Details | Domain | 1 | gpcode.data |
|
| Details | 1 | datafinder@fastmail.fm |
||
| Details | File | 140 | files.txt |
|
| Details | File | 14 | c:\autoexec.bat |
|
| Details | File | 1 | autoexec.txt |
|
| Details | File | 1 | c:\autoexec.txt |
|
| Details | File | 1 | brndlog.txt |
|
| Details | File | 1 | ntfs_system.bat |
|
| Details | File | 2 | windows.inc |
|
| Details | File | 1 | libname.inc |
|
| Details | File | 1 | gpcode.dat |
|
| Details | md5 | 1 | b14c45c1792038fd69b5c75e604242a3 |
|
| Details | sha1 | 1 | 54ab323053f1138e5ccaa8f8afaa38cabca9491f |
|
| Details | Url | 1 | http://www.securelist.com/en/blog/333/gpcode_like_ransomware_is_back |