Difference between revisions of "Petya"

From Botnets.fr
Jump to navigation Jump to search
Line 2: Line 2:
|Target=Microsoft Windows,
|Target=Microsoft Windows,
|Vector=Spam, Dropbox,
|Vector=Spam, Dropbox,
|Feature=MBR overwrite, Bitcoin payment,
|Feature=MBR overwrite, Bitcoin payment, Encrypt MFT,
|Checksum=39B6D40906C7F7F080E6BEFA93324DDDADCBD9FA, B0C5FAB5D69AFCC7FD013FD7AEF20660BF0077C2, 755f2652638f87ab517c608a363c4aefb9dd6a5a,
|Checksum=39B6D40906C7F7F080E6BEFA93324DDDADCBD9FA, B0C5FAB5D69AFCC7FD013FD7AEF20660BF0077C2, 755f2652638f87ab517c608a363c4aefb9dd6a5a,
|Group=Cryptolocker,
|Group=Cryptolocker,
}}
}}

Revision as of 23:07, 27 March 2016

(Botnet) Link to the old Wiki page : [1] / Google search: [2]

Petya
Alias
Group Cryptolocker
Parent
Sibling
Family
Relations Variants:

Sibling of:
Parent of:
Distribution of:
Campaigns:

Target Microsoft Windows
Origin
Distribution vector Spam, Dropbox
UserAgent
CCProtocol
Activity /
Status
Language
Programming language
Operation/Working group

Introduction

Features


Associated images

Checksums / AV databases

  • 39B6D40906C7F7F080E6BEFA93324DDDADCBD9FA | Virustotal
  • B0C5FAB5D69AFCC7FD013FD7AEF20660BF0077C2 | Virustotal
  • 755f2652638f87ab517c608a363c4aefb9dd6a5a | Virustotal




Publications

 AuthorEditorYear
PETYA crypto-ransomware overwrites MBR to lock users out of their computersJasen SumalapaoTrendLabs Security Intelligence Blog2016
Petya ransomware skips the files and encrypts your hard drive insteadLawrence AbramsBleeping Computer2016
Retrieved from "https://www.botnets.fr/index.php?title=Petya&oldid=13233"