ioc[.]one - OSINT Cyber Threat Intelligence Database

Locky Ransomware - Check Point Software

Tags

country:	Canada France Russia United States Of America
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Domains - T1583.001 Domains - T1584.001 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002

Show in Graph

Common Information

Type	Value
UUID	ecd82c57-b67a-4054-9247-7f01b5a3dab4
Fingerprint	b4f37df3aa30c609
Analysis status	DONE
Considered CTI value	0
Text language
Published	March 2, 2016, 3:33 p.m.
Added to db	Jan. 18, 2023, 8:16 p.m.
Last updated	Nov. 14, 2024, 2:04 p.m.
Headline	Locky Ransomware
Title	Locky Ransomware - Check Point Software
Detected Hints/Tags/Attributes	51/3/40

Source URLs

	Redirection	Url
Details	Source	https://blog.checkpoint.com/2016/03/02/locky-ransomware/

URL Provider

Details	Provider	Source level domain
Details	checkpoint.com	blog.checkpoint.com

Attributes

Details	Type	#Events	Value
Details	Domain	372	wscript.shell
Details	Domain	1	almazuelas.es
Details	Domain	1	lasmak.pl
Details	Domain	1	luigicalabrese.it
Details	Domain	2	iynus.net
Details	Domain	2	tcpos.com.vn
Details	Domain	1	accesorios.nuestroservidor.es
Details	Domain	1	blitz174.ru
Details	Domain	2	acilkiyafetgulertekstil.com
Details	Domain	2	alkofuror.com
Details	Domain	1	hazentrumsuedperlach.de
Details	Domain	1	afive.net
Details	Domain	1	demo2.master-pro.biz
Details	Domain	1	firstcopymall.com
Details	File	156	1.exe
Details	File	59	2.exe
Details	File	38	7.exe
Details	File	1	7623dh3f.exe
Details	File	2	7647gd7b43f43.exe
Details	File	1	1_5a0befc0.exe
Details	File	1	3_7223d94c.exe
Details	File	53	main.php
Details	md5	1	45B849E00131B4434D488295CB48B36C
Details	IPv4	2	173.214.183.81
Details	IPv4	1	5.101.152.77
Details	Url	1	http://almazuelas.es/1/1.exe
Details	Url	1	http://lasmak.pl/2/2.exe
Details	Url	1	http://luigicalabrese.it/7/7.exe
Details	Url	1	http://173.214.183.81/tomorrowhope/09u8h76f/65fg67n
Details	Url	1	http://iynus.net/test/09u8h76f/65fg67n
Details	Url	1	http://5.101.152.77/system/logs/56y4g45gh45h
Details	Url	2	http://tcpos.com.vn/system/logs/56y4g45gh45h
Details	Url	1	http://accesorios.nuestroservidor.es/system/logs/7623dh3f.exe?.7055475
Details	Url	1	http://blitz174.ru/system/smsgate/7623dh3f.exe?.7055475
Details	Url	1	http://acilkiyafetgulertekstil.com/system/logs/exe
Details	Url	1	http://alkofuror.com/system/engine/7647gd7b43f43.exe
Details	Url	1	http://hazentrumsuedperlach.de/1/1_5a0befc0.exe
Details	Url	1	http://afive.net/3/3_7223d94c.exe
Details	Url	1	http://demo2.master-pro.biz/plugins/ratings/87h754
Details	Url	1	http://firstcopymall.com/system/logs/87h754