Mespinoza, Pysa
Tags
| attack-pattern: | Data Powershell - T1059.001 Powershell - T1086 |
Common Information
| Type | Value |
|---|---|
| UUID | f362a872-ccaa-4718-86b1-630a87aa2888 |
| Fingerprint | 3246797658381b3b |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Oct. 11, 2019, 6:52 a.m. |
| Added to db | Sept. 26, 2022, 9:31 a.m. |
| Last updated | Nov. 17, 2024, 6:49 p.m. |
| Headline | Шифровальщики-вымогатели The Digest "Crypto-Ransomware" |
| Title | Mespinoza, Pysa |
| Detected Hints/Tags/Attributes | 20/1/14 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://id-ransomware.blogspot.com/2019/10/mespinoza-ransomware.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | ransom.win32.lockergoga.af |
|
| Details | Domain | 396 | protonmail.com |
|
| Details | Domain | 911 | any.run |
|
| Details | 3 | mespinoza980@protonmail.com |
||
| Details | 2 | alanson_street8@protonmail.com |
||
| Details | 2 | lambchristoffer@protonmail.com |
||
| Details | 2 | aireyeric@protonmail.com |
||
| Details | 2 | ellershaw.kiley@protonmail.com |
||
| Details | 2 | raingemaximo@protonmail.com |
||
| Details | 1 | gareth.mckie31@protonmail.com |
||
| Details | File | 156 | 1.exe |
|
| Details | File | 1 | 51.exe |
|
| Details | File | 1 | %supdater.bat |
|
| Details | File | 367 | readme.txt |