ioc[.]one - OSINT Cyber Threat Intelligence Database

Nice Try: 501 (Ransomware) Not Implemented | Mandiant

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Email Addresses - T1589.002 Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	e3fd3eae-0e1a-414c-b98e-18b9181bae41
Fingerprint	b431887b053a8283
Analysis status	DONE
Considered CTI value	2
Text language
Published	Jan. 24, 2020, midnight
Added to db	Nov. 9, 2023, 12:24 a.m.
Last updated	Nov. 17, 2024, 6:55 p.m.
Headline	Nice Try: 501 (Ransomware) Not Implemented
Title	Nice Try: 501 (Ransomware) Not Implemented \| Mandiant
Detected Hints/Tags/Attributes	49/2/40

Source URLs

	Redirection	Url
Details	Source	https://www.mandiant.com/resources/blog/nice-try-501-ransomware-not-implemented

URL Provider

Details	Provider	Source level domain
Details	mandiant.com	www.mandiant.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	330	✔	Threat Intelligence	https://www.mandiant.com/resources/blog/rss.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	CVE	161	cve-2019-19781
Details	Domain	2	ld.sh
Details	Domain	2	de.py
Details	Domain	5	scan.py
Details	Domain	1	net.zip
Details	Domain	2	new.zip
Details	Domain	396	protonmail.com
Details	Domain	24	ctemplar.com
Details	Domain	155	yandex.com
Details	Email	2	asgardmaster5@protonmail.com
Details	Email	2	ragnar0k@ctemplar.com
Details	Email	2	j.jasonm@yandex.com
Details	File	2	de.py
Details	File	5	scan.py
Details	File	1	net.zip
Details	File	23	x86.dll
Details	File	38	x64.dll
Details	File	2	new.zip
Details	File	1	since1969.exe
Details	File	226	certutil.exe
Details	File	2125	cmd.exe
Details	File	1	avpass.exe
Details	md5	1	0caf9be8fd7ba5b605b7a7b315ef17a0
Details	md5	1	9aa67d856e584b4eefc4791d2634476a
Details	md5	1	55b40e0068429fbbb16f2113d6842ed2
Details	md5	1	b0acb27273563a5a2a5f71165606808c
Details	md5	1	6cf1857e569432fcfc8e506c8b0db635
Details	md5	1	9e408d947ceba27259e2a9a5c71a75a8
Details	md5	1	e345c861058a18510e7c4bb616e3fd9f
Details	md5	1	48452dd2506831d0b340e45b08799623
Details	md5	1	91dd06f49b09a2242d4085703599b7a7
Details	md5	1	01af5ad23a282d0fd40597c1024307ca
Details	md5	1	bd977d9d2b68dd9b12a3878edd192319
Details	IPv4	1	45.120.53.214
Details	IPv4	1	198.44.227.126
Details	Pdb	1	c:\users\ragnarok\source\repos\avpass\debug\avpass.pdb
Details	Url	1	http://198.44.227.126:81/citrix/ld.sh
Details	Url	1	http://45.120.53.214/piz.lan
Details	Url	1	http://45.120.53.214/patch32
Details	Url	1	http://45.120.53.214/patch64