PSCrypt ransomware: back in business
Tags
country: Ukraine United States Of America
maec-delivery-vectors: Watering Hole
attack-pattern: Data Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Software - T1592.002
Show in Graph
Common Information
Type Value
UUID d0813d5e-6b3d-443f-8ec0-fbbf6469db5d
Fingerprint 961aa9dd576606ce
Analysis status DONE
Considered CTI value 2
Text language
Published May 7, 2018, 1:45 p.m.
Added to db Jan. 18, 2023, 8:08 p.m.
Last updated Nov. 17, 2024, 5:54 p.m.
Headline Blaze's Security Blog
Title PSCrypt ransomware: back in business
Detected Hints/Tags/Attributes 35/3/24
Source URLs
Redirection Url
Details Source https://bartblaze.blogspot.com/2018/05/pscrypt-ransomware-back-in-business.html
URL Provider
Details Provider Source level domain
Details blogspot.com bartblaze.blogspot.com
Attributes
Details Type #Events CTI Value
Details Domain 285 
microsoft.net
Details Domain 4 
www.bestchange.ru
Details Domain 2 
e-btc.com.ua
Details Domain 1174 
gmail.com
Details Domain 3 
btcu.biz
Details Domain 287 
yahoo.com
Details Domain 167 
tutanota.com
Details Domain 29 
usa.com
Details Domain 136 
mail.com
Details Domain 1 
jellyfish.jpg.docs
Details Email 4 
systems32x@gmail.com
Details Email 3 
systems32x@yahoo.com
Details Email 3 
systems32x@tutanota.com
Details Email 3 
help32xme@usa.com
Details Email 3 
additional.mail@mail.com
Details File 2 
privat24-uah-to-bitcoin.html
Details File 1 
jellyfish.jpg
Details File 24 
document.html
Details md5 1 
aec5498f95a19ac143534283592544b4
Details sha1 1 
351d043a0955714031d1989e00d9fe3b84eaa823
Details sha256 1 
43584bfb791047af592c883b8707289137082f024a851b082762d3100f1f0941
Details Url 1 
https://www.bestchange.ru/privat24-uah-to-bitcoin.html
Details Url 1 
https://e-btc.com.ua
Details Url 1 
https://btcu.biz/main/how_to/buy