Kraken Cryptor
Tags
| country: | Armenia Azerbaijan Belarus Brazil Estonia Georgia Iran Kazakhstan Kyrgyzstan Latvia Lithuania Moldova Tajikistan Uzbekistan Turkmenistan Ukraine |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Direct Software - T1592.002 Connection Proxy - T1090 |
Common Information
| Type | Value |
|---|---|
| UUID | e0cdd8d9-229a-4def-9c3a-6ffcbe9866af |
| Fingerprint | 96ed595f19ef0a3b |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Aug. 21, 2018, 7 p.m. |
| Added to db | Jan. 18, 2023, 7:54 p.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | Шифровальщики-вымогатели The Digest "Crypto-Ransomware" |
| Title | Kraken Cryptor |
| Detected Hints/Tags/Attributes | 82/3/60 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://id-ransomware.blogspot.com/2018/08/kraken-cryptor-ransomware.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | 00000000-lock.onion |
|
| Details | Domain | 1 | 00000001-lock.onion |
|
| Details | Domain | 1 | 00000002-lock.onion |
|
| Details | Domain | 1 | 00000003-lock.onion |
|
| Details | Domain | 1 | 00000004-lock.onion |
|
| Details | Domain | 1 | 00000005-lock.onion |
|
| Details | Domain | 7 | memeware.net |
|
| Details | Domain | 30 | bitmessage.ch |
|
| Details | Domain | 622 | en.wikipedia.org |
|
| Details | Domain | 162 | localbitcoins.com |
|
| Details | Domain | 1 | bitcoins.org |
|
| Details | Domain | 911 | any.run |
|
| Details | Domain | 24 | 420blaze.it |
|
| Details | Domain | 3 | blasze.tk |
|
| Details | Domain | 144 | cock.li |
|
| Details | Domain | 396 | protonmail.com |
|
| Details | Domain | 2 | kraken656kn6wyyx.onion |
|
| Details | Domain | 15 | 2no.co |
|
| Details | Domain | 14 | iplogger.com |
|
| Details | Domain | 179 | www.torproject.org |
|
| Details | Domain | 291 | raw.githubusercontent.com |
|
| Details | 2 | onionhelp@memeware.net |
||
| Details | 1 | bm-2cwdhn4f5uymvrudbgs5bk77nscfalmjkr@bitmessage.ch |
||
| Details | 1 | bm-2cuekuqxnffbg89vwtzi4twyimomafzy6o@bitmessage.ch |
||
| Details | 2 | nikolatesla@cock.li |
||
| Details | 2 | nikolateslaproton@protonmail.com |
||
| Details | File | 5 | kraken.exe |
|
| Details | File | 3 | krakenc.exe |
|
| Details | File | 73 | trojan.msi |
|
| Details | File | 140 | files.txt |
|
| Details | File | 95 | wevtutil.exe |
|
| Details | File | 99 | bootsect.bak |
|
| Details | File | 196 | desktop.ini |
|
| Details | File | 101 | iconcache.db |
|
| Details | File | 193 | ntuser.dat |
|
| Details | File | 143 | thumbs.db |
|
| Details | File | 351 | recycle.bin |
|
| Details | File | 3 | release.bat |
|
| Details | File | 14 | sdelete.exe |
|
| Details | File | 3 | sdelete64.exe |
|
| Details | File | 3 | cabxxxx.exe |
|
| Details | File | 3 | tarxxxx.exe |
|
| Details | File | 3 | superantispywares.exe |
|
| Details | File | 17 | files.html |
|
| Details | File | 4 | yandex.exe |
|
| Details | File | 10 | 8.zip |
|
| Details | File | 4 | polipo.exe |
|
| Details | File | 1 | files-jlcw2.html |
|
| Details | Github username | 1 | turbo |
|
| Details | IPv4 | 1 | 0.3.4.8 |
|
| Details | IPv4 | 1441 | 127.0.0.1 |
|
| Details | IPv4 | 4 | 2.0.7.1 |
|
| Details | Url | 1 | https://en.wikipedia.org/wiki/bitcoins |
|
| Details | Url | 52 | https://localbitcoins.com/buy_bitcoins |
|
| Details | Url | 1 | https://bitcoins.org/en/exchanges |
|
| Details | Url | 1 | https://2no.co/2svja5. |
|
| Details | Url | 1 | https://www.torproject.org/dist/torbrowser/8.0.2/tor-win32-0.3.4.8.zip |
|
| Details | Url | 1 | http://raw.githubusercontent.com/turbo/torgateway/master/polipo.exe |
|
| Details | Url | 1 | http://kraken656kn6wyyx.onion/api/%1 |
|
| Details | Windows Registry Key | 1 | HKEY_CURRENT_USER\Software\Sysinternals\SDelete |