MBR-ONI
Tags
| attack-pattern: | Data |
Common Information
| Type | Value |
|---|---|
| UUID | e2a04389-6d5d-47e7-a90f-04add3bc3ca6 |
| Fingerprint | 367c6d7e1e767e72 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Oct. 31, 2017, 11:30 a.m. |
| Added to db | Jan. 18, 2023, 7:53 p.m. |
| Last updated | Oct. 30, 2024, 5:20 a.m. |
| Headline | Шифровальщики-вымогатели The Digest "Crypto-Ransomware" |
| Title | MBR-ONI |
| Detected Hints/Tags/Attributes | 22/1/10 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://id-ransomware.blogspot.com/2017/10/mbr-oni-ransomware.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 6 | yahoo.co.jp |
|
| Details | 4 | hyakunoonigayoru@yahoo.co.jp |
||
| Details | 1 | oninoy0ru@yahoo.co.jp |
||
| Details | File | 2 | oni.exe |
|
| Details | File | 2 | srvupd.exe |
|
| Details | File | 12 | xcopy.exe |
|
| Details | File | 1 | qfjgmfgmkj.tmp |
|
| Details | File | 15 | clean.bat |
|
| Details | File | 15 | test.bat |
|
| Details | File | 2 | %temp%\qfjgmfgmkj.tmp |