NotPetya
NotPetya/ExPetr Sandworm GRU 2017. Ukraine target. EternalBlue+Mimikatz spread. Wiper (fake ransom). 10B+ USD damage.
Threat Profile
Type: Wiper
Programming Language: C
C2 Protocol: SMB
First Seen: 2017
Targets
Ukraine + Global
Purpose / Capabilities
- Destructive Wiper
C2 Servers (1)
1 Active
| Address | Port | Protocol | Status |
|---|---|---|---|
| posteo.net | 443 | HTTPS | Active |
⚠ C2 addresses are shared solely for threat intelligence and defensive purposes. Unauthorized access to these addresses constitutes a criminal offense.
Research Reports (1)
NotPetya -- PC Developer VS2010 PDB, posteo.net Email, 1Mz7153H Historical BTC | Critical
NotPetya 399KB. C:\Users\PC\NotPetya.pdb VS2010. posteo.net ransom email. 1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX historical BTC address.