CrowdStrike Discovers New DoppelPaymer Ransomware & Dridex Variant
Tags
Common Information
Type | Value |
---|---|
UUID | fc2356ba-6091-48a5-9689-2df2f4d65127 |
Fingerprint | 98b21473adcb8051 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | July 12, 2019, 9:06 p.m. |
Added to db | Sept. 26, 2022, 9:30 a.m. |
Last updated | Nov. 17, 2024, 6:55 p.m. |
Headline | BitPaymer Source Code Fork: Meet DoppelPaymer Ransomware and Dridex 2.0 |
Title | CrowdStrike Discovers New DoppelPaymer Ransomware & Dridex Variant |
Detected Hints/Tags/Attributes | 75/1/48 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | https://www.crowdstrike.com/blog/doppelpaymer-ransomware-and-dridex-2/ |
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | File | 24 | arp.exe |
|
Details | File | 33 | nslookup.exe |
|
Details | File | 256 | net.exe |
|
Details | File | 11 | dropbox.exe |
|
Details | File | 74 | onenote.exe |
|
Details | File | 4 | sidebar.exe |
|
Details | File | 11 | cis.exe |
|
Details | File | 67 | oracle.exe |
|
Details | File | 5 | cistray.exe |
|
Details | File | 14 | postgres.exe |
|
Details | File | 5 | zonealarm.exe |
|
Details | File | 3 | fortiwf.exe |
|
Details | File | 8 | a2guard.exe |
|
Details | File | 15 | nortonsecurity.exe |
|
Details | File | 9 | a2service.exe |
|
Details | File | 10 | bullguard.exe |
|
Details | File | 8 | a2start.exe |
|
Details | File | 4 | bullguardbhvscanner.exe |
|
Details | File | 41 | avastsvc.exe |
|
Details | File | 3 | bullguardscanner.exe |
|
Details | File | 8 | avshadow.exe |
|
Details | File | 4 | bullguardtray.exe |
|
Details | File | 41 | avastui.exe |
|
Details | File | 5 | bullguardupdate.exe |
|
Details | File | 3 | fortiesnac.exe |
|
Details | File | 15 | servicehost.exe |
|
Details | File | 3 | fortiproxy.exe |
|
Details | File | 11 | avira.sys |
|
Details | File | 11 | tray.exe |
|
Details | File | 3 | fortisslvpndaemon.exe |
|
Details | File | 119 | avp.exe |
|
Details | File | 6 | fortitray.exe |
|
Details | File | 3 | mbcloudea.exe |
|
Details | File | 14 | msascuil.exe |
|
Details | File | 5 | nod32.exe |
|
Details | File | 20 | wrsa.exe |
|
Details | File | 45 | mcshield.exe |
|
Details | sha256 | 2 | 51d8618ec86159327e883615ad8989c7638172cf801f65ab0367e5b2e6af596a |
|
Details | sha256 | 10 | d4a0fe56316a2c45b9ba9ac1005363309a3edc7acf9e4df64d326a0ff273e80f |
|
Details | sha256 | 2 | 0f97f6d53fff47914174bc3a05fb016e2c02ed0b43c827e5e5aadba2d244aecc |
|
Details | sha256 | 2 | bfb7e62ba4ad5975e68a1beefb045cb72e056911fd7a8b070a15029dfcbbefe1 |
|
Details | sha256 | 4 | bd2c2cf0631d881ed382817afcce2b093f4e412ffb170a719e2762f250abfea4 |
|
Details | sha256 | 2 | 70211a3f90376bbc61f49c22a63075d1d4ddd53f0aefa976216c46e6ba39a9f4 |
|
Details | sha256 | 2 | 813d8020f32fefe01b66bea0ce63834adef2e725801b4b761f5ea90ac4facd3a |
|
Details | sha256 | 2 | 801b04a1504f167c25f568f8d7cbac13bdde6440a609d0dcd64ebe225c197f9b |
|
Details | IPv4 | 2 | 2.0.0.78 |
|
Details | IPv4 | 2 | 2.0.0.80 |
|
Details | IPv4 | 2 | 4.0.0.87 |