ioc[.]one - OSINT Cyber Threat Intelligence Database

Death Ransomware Analysis part_2

Tags

cmtmf-attack-pattern:	Data Encrypted
country:	Azerbaijan Belgium Russia
attack-pattern:	Data Data Encrypted For Impact - T1486 File And Directory Discovery - T1420 Malware - T1587.001 Malware - T1588.001 Native Api - T1575 Software - T1592.002 Data Encrypted - T1022 Execution Through Api - T1106 File And Directory Discovery - T1083 Network Share Discovery - T1135

Show in Graph

Common Information

Type	Value
UUID	cb629986-b19c-4d60-9735-12f4550d4d8b
Fingerprint	86263d33adbb06d3
Analysis status	DONE
Considered CTI value	2
Text language
Published	April 4, 2023, 6:38 p.m.
Added to db	April 4, 2023, 9:01 p.m.
Last updated	Nov. 17, 2024, 6:56 p.m.
Headline	Death Ransomware Analysis part_2
Title	Death Ransomware Analysis part_2
Detected Hints/Tags/Attributes	45/3/18

Source URLs

	Redirection	Url
Details	Source	https://medium.com/@farghly.mahmod66/death-ransomware-analysis-part-2-ec4bfb1c758f?source=rss------reverse_engineering-5

URL Provider

Details	Provider	Source level domain
Details	medium.com	medium.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	172	✔	Reverse Engineering on Medium	https://medium.com/feed/tag/reverse-engineering	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	47		iplogger.org
Details	File	1		ntos.dat
Details	sha256	2		ab828f0e0555f88e3005387cb523f221a1933bbd7db4f05902a1e5cc289e7ba4
Details	sha256	1		59e6d8cb209e6d46f74545ec551e3fe75d78a3fb7a26ece220683aadaae026a3
Details	sha256	1		0ab018c4c127a53eb70dea8979afa4a49ed66ae355e2515e6b79bfacda65f5a6
Details	MITRE ATT&CK Techniques	176		T1135
Details	MITRE ATT&CK Techniques	585		T1083
Details	MITRE ATT&CK Techniques	239		T1106
Details	MITRE ATT&CK Techniques	472		T1486
Details	MITRE ATT&CK Techniques	1		T1486.001
Details	Url	2		https://iplogger.org/1zqq77
Details	Windows Registry Key	3		HKEY_CURRENT_USER\SOFTWARE\Wacatac
Details	Windows Registry Key	21		HKEY_CLASSES_ROOT\CLSID
Details	Windows Registry Key	2		HKEY_CURRENT_USER\SOFTWARE\Wacatac\public
Details	Windows Registry Key	1		HKEY_CURRENT_USER\SOFTWARE\Wacatac\Private
Details	Windows Registry Key	1		HKEY_CURRENT_USER\Software\Wacatac
Details	Windows Registry Key	1		HKEY_CURRENT_USER\Software\Wacatac\Private
Details	Windows Registry Key	1		HKEY_CURRENT_USER\Software\Wacatac\Public