Scarabey
Tags
| country: | Turkey |
| attack-pattern: | Data Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | df367c8e-e3b1-49c2-bdb6-37f1b733e028 |
| Fingerprint | 777c43ff187d13eb |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Dec. 2, 2017, 6:05 a.m. |
| Added to db | Sept. 26, 2022, 9:31 a.m. |
| Last updated | Nov. 17, 2024, 10:40 p.m. |
| Headline | Шифровальщики-вымогатели The Digest "Crypto-Ransomware" |
| Title | Scarabey |
| Detected Hints/Tags/Attributes | 22/2/41 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 12 | id-ransomware.ru |
|
| Details | Domain | 144 | cock.li |
|
| Details | Domain | 2 | bestchange.ru |
|
| Details | Domain | 162 | localbitcoins.com |
|
| Details | Domain | 10 | horsefucker.org |
|
| Details | Domain | 19 | bitmsg.me |
|
| Details | Domain | 396 | protonmail.com |
|
| Details | Domain | 1 | lock.li |
|
| Details | Domain | 54 | mail2tor.com |
|
| Details | Domain | 1 | txt.secure |
|
| Details | Domain | 911 | any.run |
|
| Details | 1 | support7@cock.li |
||
| Details | 1 | support56@cock.li |
||
| Details | 2 | helper023@cock.li |
||
| Details | 1 | decrypt014@cock.li |
||
| Details | 1 | locker87@cock.li |
||
| Details | 1 | scarab@horsefucker.org |
||
| Details | 1 | ibm15@horsefucker.org |
||
| Details | 1 | diven@cock.li |
||
| Details | 1 | xvalera228@protonmail.com |
||
| Details | 1 | thermal@lock.li |
||
| Details | 1 | thermal@cock.li |
||
| Details | 1 | alices@cock.li |
||
| Details | 1 | bin420@cock.li |
||
| Details | 1 | secure32@cock.li |
||
| Details | File | 2 | расшифровке.txt |
|
| Details | File | 2126 | cmd.exe |
|
| Details | File | 6 | sevnz.exe |
|
| Details | File | 3 | svhosts.exe |
|
| Details | File | 1 | c:\windows\hhsm\svhosts.exe |
|
| Details | File | 3 | файлов.txt |
|
| Details | File | 9 | файлы.txt |
|
| Details | File | 1 | oneway.txt |
|
| Details | File | 1 | rent.txt |
|
| Details | File | 1 | omerta.txt |
|
| Details | File | 1 | дальше.txt |
|
| Details | File | 16 | osk.exe |
|
| Details | Url | 1 | https://bestchange.ru |
|
| Details | Url | 8 | https://localbitcoins.com/ru/buy_bitcoins |
|
| Details | Url | 8 | http://bitmsg.me |
|
| Details | Windows Registry Key | 480 | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce |