BaksoCrypt Ransomware - IOC


1) Ransomware Name - BaksoCrypt
2) Encrypted Extensions - .adr
3) Ransom Note File - NA
4) Encrypted Algorithm - NA
5) Decryptor Link - NA
6) Screenshots -



7) Indicators of Compromise -  ***@163.com




8) File Deatails -
MD5 22d59b765369e1d1f9daeee88fc8e06b
SHA1 e62e7b91ea732abf83f7190ee132231644b2638e
SHA256 8bffbc4fd5b94ba3e1ea31291f2ae7ba5967b9b7411a028a7de16c5089bcd3df
ssdeep3072:rjrZiKB/1xqpqFeAaBaIe9PDcjKxAEHjoGkz1OQHlotvQ7SPwjPm/hDbzQB+Q:zsGaBLe9LcjYjoGkJOQHlKvnYDAfz7Q
authentihash  532ec08f422f7687ccd397f46a76b2af40f3c4e76088339aa70d42af1b99a650
imphash  f34d5f2d4577ed6d9ceec516c1f5a744
File size  234.5 KБ ( 240128 bytes )
File type Win32 EXE
Magic literalPE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly


Comments