We'll find it for you
What is a CCC file?
-
Hello. I found a file called CCC on my computer and I'm not sure what it is. I would appreciate it if you could tell me.
-
A CCC file is a file encrypted with TeslaCrypt 1.0. It appears to be a file distributed by TeslaCrypt. It was first reported at 2017-10-18 20:53:36 and last reported at 2017-10-18 20:53:36.
-
You can open a CCC file by downloading the TeslaCrypt 1.0 program.
-
File encrypted with TeslaCrypt 1.0
-
No signature information is available.
-
Related link #1: No link attached.
-
Related link #2: No link attached.
-
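For matters involving voice phishing, illegally filmed material, ransomware, cyber security threats and the like, you can get help from the following agencies and organizations: No More Ransom, the National Police Agency cybercrime reporting system, and the National Intelligence Service civil complaints center.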