ioc[.]one - OSINT Cyber Threat Intelligence Database

The Philadelphia Ransomware offers a Mercy Button for Compassionate Criminals

Tags

country:	Brazil Russia
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Scripting - T1064 Scripting

Show in Graph

Common Information

Type	Value
UUID	cbf609e9-57a9-47c6-96ab-6856aec80fb9
Fingerprint	9637297b156782d2
Analysis status	DONE
Considered CTI value	0
Text language
Published	Sept. 8, 2016, midnight
Added to db	Sept. 26, 2022, 9:31 a.m.
Last updated	Nov. 13, 2024, 9:27 a.m.
Headline	The Philadelphia Ransomware offers a Mercy Button for Compassionate Criminals
Title	The Philadelphia Ransomware offers a Mercy Button for Compassionate Criminals
Detected Hints/Tags/Attributes	51/3/11

Source URLs

	Redirection	Url
Details	Source	https://www.bleepingcomputer.com/news/security/the-philadelphia-ransomware-offers-a-mercy-button-for-compassionate-criminals/

URL Provider

Details	Provider	Source level domain
Details	bleepingcomputer.com	www.bleepingcomputer.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	2		www.docdroid.net
Details	Domain	2		sshtunnel.at
Details	File	40		www.doc
Details	File	1		philadelphia-prints.pdf
Details	File	74		test.jpg
Details	File	2		%userprofile%\isass.exe
Details	sha256	1		812ddd619e12fb2c90c8395fd02fe12638e997a29f86f7d39e42d50de832d4f0
Details	sha256	1		ea75b18697b819e6d1d159fc3a0477870f1be7e6ca498a67eb797a829a9b1d7d
Details	Url	1		https://www.docdroid.net/vjv82cc/philadelphia-prints.pdf.html
Details	Url	1		http://sshtunnel.at
Details	Windows Registry Key	7		HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Windows