Telsacrypt 4.0: In-depth analysis of a weaponised JS
Tags
attack-pattern: Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Scripting - T1064 Scripting
Show in Graph
Common Information
Type Value
UUID cf61e9b6-c242-4831-b620-380d2f2633a4
Fingerprint a8482909ad5e32ce
Analysis status DONE
Considered CTI value 0
Text language
Published April 16, 2016, 4:37 p.m.
Added to db Jan. 18, 2023, 7:56 p.m.
Last updated Nov. 14, 2024, 2:04 p.m.
Headline Deriving Cyber Threat Intelligence and Driving Threat Hunting
Title Telsacrypt 4.0: In-depth analysis of a weaponised JS
Detected Hints/Tags/Attributes 30/1/5
Source URLs
Redirection Url
Details Source http://malwarenailed.blogspot.com/2016/04/telsacrypt-40-in-depth-analysis-of.html
URL Provider
Details Provider Source level domain
Details blogspot.com malwarenailed.blogspot.com
Attributes
Details Type #Events CTI Value
Details Domain 74 
adodb.stream
Details Domain 372 
wscript.shell
Details File 1 
70.exe
Details File 380 
notepad.exe
Details File 1 
msmxml2.xml