Difference between revisions of "Petya"
Jump to navigation
Jump to search
(One intermediate revision by the same user not shown) | |||
Line 1: | Line 1: | ||
{{Botnet | {{Botnet | ||
|Introduction=* According to https://twitter.com/hasherezade/status/714195402967367680/photo/1 the "Encryption" is done with XOR 7 | |||
|Target=Microsoft Windows, | |Target=Microsoft Windows, | ||
|Vector=Spam, Dropbox, | |Vector=Spam, Dropbox, | ||
|Feature=MBR overwrite, Bitcoin payment, | |Feature=MBR overwrite, Bitcoin payment, Encrypt MFT, | ||
|Checksum=39B6D40906C7F7F080E6BEFA93324DDDADCBD9FA, B0C5FAB5D69AFCC7FD013FD7AEF20660BF0077C2, 755f2652638f87ab517c608a363c4aefb9dd6a5a, | |Checksum=39B6D40906C7F7F080E6BEFA93324DDDADCBD9FA, B0C5FAB5D69AFCC7FD013FD7AEF20660BF0077C2, 755f2652638f87ab517c608a363c4aefb9dd6a5a, | ||
|Group=Cryptolocker, | |Group=Cryptolocker, | ||
}} | }} |
Latest revision as of 23:19, 27 March 2016
(Botnet) Link to the old Wiki page : [1] / Google search: [2]
Petya | |
---|---|
Alias | |
Group | Cryptolocker |
Parent | |
Sibling | |
Family | |
Relations | Variants: Sibling of: |
Target | Microsoft Windows |
Origin | |
Distribution vector | Spam, Dropbox |
UserAgent | |
CCProtocol | |
Activity | / |
Status | |
Language | |
Programming language | |
Operation/Working group |
Introduction
- According to https://twitter.com/hasherezade/status/714195402967367680/photo/1 the "Encryption" is done with XOR 7
Features
Associated images
Checksums / AV databases
- 39B6D40906C7F7F080E6BEFA93324DDDADCBD9FA | Virustotal
- B0C5FAB5D69AFCC7FD013FD7AEF20660BF0077C2 | Virustotal
- 755f2652638f87ab517c608a363c4aefb9dd6a5a | Virustotal