ioc[.]one - OSINT Cyber Threat Intelligence Database

SamSam

Tags

attack-pattern:

Data Malware - T1587.001 Malware - T1588.001 Software - T1592.002

Show in Graph

Common Information

Type	Value
UUID	dc45d255-e856-449a-96f3-9753006dd882
Fingerprint	66b5c3ffc036927f
Analysis status	DONE
Considered CTI value	0
Text language
Published	March 17, 2016, 10:04 p.m.
Added to db	Sept. 26, 2022, 9:32 a.m.
Last updated	Nov. 17, 2024, 6:55 p.m.
Headline	Шифровальщики-вымогатели The Digest "Crypto-Ransomware"
Title	SamSam
Detected Hints/Tags/Attributes	51/1/83

Source URLs

	Redirection	Url
Details	Source	http://id-ransomware.blogspot.com/2016/03/samsam.html
Details	Source	https://id-ransomware.blogspot.com/2016/03/samsam.html

URL Provider

Details	Provider	Source level domain
Details	blogspot.com	id-ransomware.blogspot.com

Attributes

Details	Type	#Events	Value
Details	Domain	132	blockchain.info
Details	Domain	162	localbitcoins.com
Details	Domain	27	coincafe.com
Details	Domain	10	www.bitstamp.net
Details	Domain	5	www.kraken.com
Details	Domain	1	www.ccedk.com
Details	Domain	1	bitcurex.com
Details	Domain	1	lordsecure4u.wordpress.com
Details	Domain	1	wzrw3hmj3pveaaqh.onion
Details	Domain	1	qjvah4btqkppaudo.onion
Details	Domain	1	qjy2f3q45elp2tlc.onion
Details	Domain	1	heyvkn3uty2irsjx.onion
Details	Domain	1	v45y2fwx5ugpegmi.onion
Details	Domain	1	pt7ow5kk6dxkobcq.onion
Details	Domain	1	fxn5ao5mmaktpsug.onion
Details	Domain	396	protonmail.com
Details	Domain	1174	gmail.com
Details	Email	2	greystars@protonmail.com
Details	Email	1	steamgamer99@gmail.com
Details	File	4	samsam.exe
Details	File	18	trojan-ransom.msi
Details	File	4	help_decrypt_your_files.html
Details	File	133	blockchain.inf
Details	File	345	vssadmin.exe
Details	File	2	jbossass.jsp
Details	File	1	shellinvoker.jsp
Details	File	1	mela.jsp
Details	File	1	zecmd.jsp
Details	File	9	cmd.jsp
Details	File	1	wstats.jsp
Details	File	1	idssvc.jsp
Details	File	1	iesvc.jsp
Details	File	5	p7b.p7c
Details	File	2	delfiletype.exe
Details	File	2	sqlsrvtmg1.exe
Details	File	122	psexec.exe
Details	File	12	del.exe
Details	File	3	selfdel.exe
Details	File	20	list.txt
Details	File	1	c:\windows\system32\samsam.exe
Details	File	1	help_for_decrypt_file.html
Details	File	1	wanadoesme.exe
Details	File	1	000-help_for_decrypt_file.html
Details	File	1	read-for-hellpp.html
Details	File	1	barbimos2.exe
Details	File	1	sobusy.exe
Details	File	2	000-please-read-we-help.html
Details	File	2	windir.exe
Details	File	1	anabella2.exe
Details	File	1	002-happen-enced-files.html
Details	File	2	where-your-files.html
Details	File	2	help-me-enced-files.html
Details	File	1	001-pls-dec-my-files.html
Details	File	1	000-wow-read-for-decryp.html
Details	File	2	we-must-dec-files.html
Details	File	1	000-if-you-want-dec-files.html
Details	File	1	let-me-try-dec-files.html
Details	File	1	001-read-for-decrypt-files.html
Details	File	1	preguess2.exe
Details	File	2	read-read-read.html
Details	File	1	please-readit-if_you-want.html
Details	File	1	emetic45.exe
Details	File	1	if_want_files_back_pls_read.html
Details	File	1	read_read_dec_files.html
Details	File	1	we-can-help-u.html
Details	File	1	cheerful2.exe
Details	File	1	2768784_cheerful2.exe
Details	File	1	please-readme-affected-files.html
Details	File	1	convinced2.exe
Details	File	1	please-readme-howto-recovery.html
Details	File	1	005-do-you-want-files.html
Details	File	1	0000-sorry-for-files.html
Details	File	1	0009-sorry-for-files.html
Details	File	2	how-to-recover-your-files.html
Details	File	1	fuckyoujaythl_help_encrypted_files.txt
Details	Url	22	https://blockchain.info
Details	Url	33	https://localbitcoins.com
Details	Url	5	https://coincafe.com
Details	Url	8	https://www.bitstamp.net
Details	Url	5	https://www.kraken.com
Details	Url	1	https://www.ccedk.com
Details	Url	1	https://bitcurex.com
Details	Url	1	http://v45y2fwx5ugpegmi.onion/246526744emetic76453434