CrowdStrike Discovers New DoppelPaymer Ransomware & Dridex Variant
Common Information
Type Value
UUID fc2356ba-6091-48a5-9689-2df2f4d65127
Fingerprint 98b21473adcb8051
Analysis status DONE
Considered CTI value 2
Text language
Published July 12, 2019, 9:06 p.m.
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline BitPaymer Source Code Fork: Meet DoppelPaymer Ransomware and Dridex 2.0
Title CrowdStrike Discovers New DoppelPaymer Ransomware & Dridex Variant
Detected Hints/Tags/Attributes 75/1/48
Attributes
Details Type #Events CTI Value
Details File 24
arp.exe
Details File 33
nslookup.exe
Details File 256
net.exe
Details File 11
dropbox.exe
Details File 74
onenote.exe
Details File 4
sidebar.exe
Details File 11
cis.exe
Details File 67
oracle.exe
Details File 5
cistray.exe
Details File 14
postgres.exe
Details File 5
zonealarm.exe
Details File 3
fortiwf.exe
Details File 8
a2guard.exe
Details File 15
nortonsecurity.exe
Details File 9
a2service.exe
Details File 10
bullguard.exe
Details File 8
a2start.exe
Details File 4
bullguardbhvscanner.exe
Details File 41
avastsvc.exe
Details File 3
bullguardscanner.exe
Details File 8
avshadow.exe
Details File 4
bullguardtray.exe
Details File 41
avastui.exe
Details File 5
bullguardupdate.exe
Details File 3
fortiesnac.exe
Details File 15
servicehost.exe
Details File 3
fortiproxy.exe
Details File 11
avira.sys
Details File 11
tray.exe
Details File 3
fortisslvpndaemon.exe
Details File 119
avp.exe
Details File 6
fortitray.exe
Details File 3
mbcloudea.exe
Details File 14
msascuil.exe
Details File 5
nod32.exe
Details File 20
wrsa.exe
Details File 45
mcshield.exe
Details sha256 2
51d8618ec86159327e883615ad8989c7638172cf801f65ab0367e5b2e6af596a
Details sha256 10
d4a0fe56316a2c45b9ba9ac1005363309a3edc7acf9e4df64d326a0ff273e80f
Details sha256 2
0f97f6d53fff47914174bc3a05fb016e2c02ed0b43c827e5e5aadba2d244aecc
Details sha256 2
bfb7e62ba4ad5975e68a1beefb045cb72e056911fd7a8b070a15029dfcbbefe1
Details sha256 4
bd2c2cf0631d881ed382817afcce2b093f4e412ffb170a719e2762f250abfea4
Details sha256 2
70211a3f90376bbc61f49c22a63075d1d4ddd53f0aefa976216c46e6ba39a9f4
Details sha256 2
813d8020f32fefe01b66bea0ce63834adef2e725801b4b761f5ea90ac4facd3a
Details sha256 2
801b04a1504f167c25f568f8d7cbac13bdde6440a609d0dcd64ebe225c197f9b
Details IPv4 2
2.0.0.78
Details IPv4 2
2.0.0.80
Details IPv4 2
4.0.0.87