Cryptowall 3.0: Back to the Basics
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Python - T1059.006 Software - T1592.002 Connection Proxy - T1090 |
Common Information
| Type | Value |
|---|---|
| UUID | f54b4e30-dfc2-4738-adb1-8c164c47bf45 |
| Fingerprint | 27451c29e5f5de51 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Feb. 9, 2015, 5:06 a.m. |
| Added to db | Oct. 9, 2022, 4:13 p.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | Vulnerability Information |
| Title | Cryptowall 3.0: Back to the Basics |
| Detected Hints/Tags/Attributes | 58/2/20 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | File | 8 | perl.exe |
|
| Details | File | 65 | python.exe |
|
| Details | File | 1260 | explorer.exe |
|
| Details | File | 1122 | svchost.exe |
|
| Details | File | 20 | 0.zip |
|
| Details | md5 | 1 | 9831374BF569D58A8BED493DF407F4EF |
|
| Details | sha256 | 1 | 838e19ff3f52952c292f945054520eb5707c80a389b1f88770b1ccc09f966c65 |
|
| Details | sha256 | 1 | 9e06d2ce0741e039311261acc3d3acbaba12e02af8a8f163be926ca90230fa89 |
|
| Details | sha256 | 1 | 55e866cc8580e5f9f7f6560e478f3b37b3362e9f94e88439beef6026c86c80be |
|
| Details | sha256 | 1 | 45317968759d3e37282ceb75149f627d648534c5b4685f6da3966d8f6fca662d |
|
| Details | IPv4 | 1 | 91.121.12.127 |
|
| Details | IPv4 | 1 | 5.199.165.160 |
|
| Details | IPv4 | 1 | 94.247.28.26 |
|
| Details | IPv4 | 1 | 194.58.109.158 |
|
| Details | IPv4 | 1 | 195.29.106.157 |
|
| Details | IPv4 | 1 | 94.247.31.19 |
|
| Details | IPv4 | 1 | 194.58.109.137 |
|
| Details | IPv4 | 1 | 94.247.28.156 |
|
| Details | IPv4 | 1 | 209.148.85.151 |
|
| Details | IPv4 | 1 | 5.170.247.119 |