NotPetya

NotPetya/ExPetr Sandworm GRU 2017. Ukraine target. EternalBlue+Mimikatz spread. Wiper (fake ransom). 10B+ USD damage.

Threat Profile
Type Wiper
Programming Language C
C2 Protocol SMB
First Seen 2017
Targets Ukraine + Global
Purpose / Capabilities
  • Destructive Wiper

C2 Servers 1

1 Active
Address Port Protocol Status
posteo.net 443 HTTPS Active

⚠ C2 addresses are shared solely for threat intelligence and defensive purposes. Unauthorized access to these addresses constitutes a criminal offense.

Research Reports (1)

Critical

NotPetya -- PC Developer VS2010 PDB, posteo.net Email, 1Mz7153H Historical BTC | Critical

NotPetya 399KB. C:\Users\PC\NotPetya.pdb VS2010. posteo.net ransom email. 1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX historical BTC.
