ioc[.]one - OSINT Cyber Threat Intelligence Database

CryptoWire ransomware not dead

Tags

country:	Brazil
attack-pattern:	Malware - T1587.001 Malware - T1588.001 Scheduled Task - T1053.005 Scheduled Task - T1053 Scripting - T1064 Scripting

Show in Graph

Common Information

Type	Value
UUID	ede80085-42d4-41d4-b976-0518a2d4479d
Fingerprint	f471613b7ec710db
Analysis status	DONE
Considered CTI value	2
Text language
Published	April 12, 2018, 10:55 p.m.
Added to db	Jan. 18, 2023, 8:08 p.m.
Last updated	Nov. 17, 2024, 6:55 p.m.
Headline	Blaze's Security Blog
Title	CryptoWire ransomware not dead
Detected Hints/Tags/Attributes	30/2/7

Source URLs

	Redirection	Url
Details	Source	https://bartblaze.blogspot.com/2018/04/cryptowire-ransomware-not-dead.html

URL Provider

Details	Provider	Source level domain
Details	blogspot.com	bartblaze.blogspot.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	12		secmail.pro
Details	Email	3		wlojul@secmail.pro
Details	File	1		encrypted.png
Details	File	345		vssadmin.exe
Details	md5	1		f6d01e72a58a8bdf14f9a103250f779e
Details	sha1	1		3b97bac22a04282ebbaef60beb168a41e4449239
Details	sha256	1		4deff7d8434583ea8e5c3ef9b4c64674dfb165b1720ddf63b5abdd8ed6a7399c