PadCrypt, PadCrypt 2.0
Tags
attack-pattern: Data Control Panel - T1218.002 Software - T1592.002
Show in Graph
Common Information
Type Value
UUID cb152545-da43-4bc6-9da5-fd9e937c4e44
Fingerprint b233780f64e46ab6
Analysis status DONE
Considered CTI value 0
Text language
Published Feb. 14, 2016, 1 p.m.
Added to db Sept. 26, 2022, 9:32 a.m.
Last updated Nov. 14, 2024, 8:10 a.m.
Headline Шифровальщики-вымогатели The Digest "Crypto-Ransomware"
Title PadCrypt, PadCrypt 2.0
Detected Hints/Tags/Attributes 28/1/21
Source URLs
Redirection Url
Details Source http://id-ransomware.blogspot.com/2016/04/padcrypt-ransomware.html
URL Provider
Details Provider Source level domain
Details blogspot.com id-ransomware.blogspot.com
Attributes
Details Type #Events CTI Value
Details Domain 9 
inbox.lv
Details Domain 1 
annaflowersweb.com
Details Domain 1 
subzone3.2fh.co
Details Domain 1 
cloudnet.online
Details Email 2 
maliko@inbox.lv
Details File 13 
me.txt
Details File 8 
help.html
Details File 33 
config.msi
Details File 2 
recyle.bin
Details File 2 
%appdata%\padcrypt\file decrypt help.html
Details File 1 
%appdata%\padcrypt\wallpaper.bmp
Details File 2 
%appdata%\padcrypt\padcrypt.exe
Details File 2 
%appdata%\padcrypt\unistl.exe
Details File 1 
%appdata%\padcrypt\padcryptuninstaller.exe
Details File 1 
%appdata%\padcrypt\decrypted_files.dat
Details File 2 
%appdata%\padcrypt\files.txt
Details File 1 
%appdata%\padcrypt\data.txt
Details File 1 
ptsks.exe
Details IPv4 1 
2.2.10.0
Details Windows Registry Key 47 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Details Windows Registry Key 20 
HKEY_CURRENT_USER\Control