FileIce, Survey
Tags
attack-pattern: Software - T1592.002
Common Information
Type Value
UUID ebfd7f31-7dcc-49da-a54c-f6988bda0bb0
Fingerprint f2144797c07c717a
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 28, 2016, 11:47 a.m.
Added to db Sept. 26, 2022, 9:32 a.m.
Last updated Nov. 2, 2024, 8:51 p.m.
Headline Шифровальщики-вымогатели The Digest "Crypto-Ransomware"
Title FileIce, Survey
Detected Hints/Tags/Attributes 12/1/10
Attributes
Type #Events CTI Value
Domain 1 fileice.net
Domain 2 www.fileice.net
File 1 fileiceransomware.exe
File 1 c:\users\user_name\downloads\thxforyurtyme.txt
File 2 c:\seo\sdchost.exe
File 98 download.php
IPv4 1 66.252.2.22
Windows Registry Key 13 HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System
Windows Registry Key 5 HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Windows Registry Key 2 HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Sdchost