ioc[.]one - OSINT Cyber Threat Intelligence Database

XZZX Cryptomix Ransomware Variant Released

Tags

attack-pattern:

Data Email Addresses - T1589.002 Malware - T1587.001 Malware - T1588.001 Software - T1592.002 Vulnerabilities - T1588.006

Show in Graph

Common Information

Type	Value
UUID	d03438ac-93ed-4f89-a9f9-3b86dab2ca8d
Fingerprint	c574892cbff338db
Analysis status	DONE
Considered CTI value	0
Text language
Published	Nov. 13, 2017, midnight
Added to db	Sept. 26, 2022, 9:32 a.m.
Last updated	Nov. 17, 2024, 10:40 p.m.
Headline	XZZX Cryptomix Ransomware Variant Released
Title	XZZX Cryptomix Ransomware Variant Released
Detected Hints/Tags/Attributes	25/1/14

Source URLs

	Redirection	Url
Details	Source	https://www.bleepingcomputer.com/news/security/xzzx-cryptomix-ransomware-variant-released/

URL Provider

Details	Provider	Source level domain
Details	bleepingcomputer.com	www.bleepingcomputer.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	83		tuta.io
Details	Domain	396		protonmail.com
Details	Domain	155		yandex.com
Details	Email	2		xzzx@tuta.io
Details	Email	2		xzzx1@protonmail.com
Details	Email	2		xzzx10@yandex.com
Details	Email	2		xzzx101@yandex.com
Details	File	26		_help_instruction.txt
Details	File	1		0d0a516824060636c21ec8bc280fea12.xz
Details	File	2126		cmd.exe
Details	File	409		c:\windows\system32\cmd.exe
Details	File	345		vssadmin.exe
Details	md5	3		0D0A516824060636C21EC8BC280FEA12
Details	sha256	1		33a60a16e50b8df2a731023951475ff0f973fc66334d2cfa6ce30aa36bb36414