top of page
Ransom.Win32.SODINOKIBI.YABGC - Threat Encyclopedia
C45-2021-07-04-1
Indicators of Compromise (IOC) List
Indicator of Compromise (IOC) | Date Published | IOC Type |
|---|---|---|
HKEY_CURRENT_USER\Control Panel\DesktopWallpaper | 04/07/2021 | Win_Registry |
HKEY_LOCAL_MACHINE\SOFTWARE\BlackLivesMatterIt does the following | 04/07/2021 | Win_Registry |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ In the right panel | 04/07/2021 | Win_Registry |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon In the right panel | 04/07/2021 | Win_Registry |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce In the right panel | 04/07/2021 | Win_Registry |
HKEY_LOCAL_MACHINE\SOFTWARE\BlackLivesMatter To delete registry keys this malware | 04/07/2021 | Win_Registry |
HKEY_LOCAL_MACHINE\SOFTWARE\BlackLivesMatterEd7 | 04/07/2021 | Win_Registry |
35.236.249.183 | 04/07/2021 | IPv4 |
HKEY_LOCAL_MACHINE\SOFTWARE\BlackLivesMatter96Ia6 | 04/07/2021 | Win_Registry |
HKEY_LOCAL_MACHINE\SOFTWARE\BlackLivesMatterJmfOBvhb | 04/07/2021 | Win_Registry |
HKEY_LOCAL_MACHINE\SOFTWARE\BlackLivesMatter Close Registry Editor. Step 6Search and delete this file | 04/07/2021 | Win_Registry |
HKEY_LOCAL_MACHINE\SOFTWARE\BlackLivesMatterQIeQ | 04/07/2021 | Win_Registry |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce | 04/07/2021 | Win_Registry |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinlogonDefaultUserName | 04/07/2021 | Win_Registry |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinlogonAutoAdminLogon | 04/07/2021 | Win_Registry |
HKEY_LOCAL_MACHINE\SOFTWARE\BlackLivesMatter In the right panel | 04/07/2021 | Win_Registry |
HKEY_LOCAL_MACHINE\SOFTWARE\BlackLivesMatterwJWsTYE | 04/07/2021 | Win_Registry |
HKEY_LOCAL_MACHINE\SOFTWARE\BlackLivesMatterUcr1RB | 04/07/2021 | Win_Registry |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinlogonDefaultPassword | 04/07/2021 | Win_Registry |
23.45.180.191 | 04/07/2021 | IPv4 |
bottom of page