BarRax Ransomware - IOC


1) Ransomware Name - BarRax
2) Encrypted Extensions -
.BarRax
BarraxCrpt.exe
hidden-tear.exe
3) Ransom Note File - NA
4) Encrypted Algorithm - NA
5) Decryptor Link - NA
6) Screenshots -


7) Indicators of Compromise -
xxxx://rens.5v.pl - C2
xxxx://barrax.tk - forum


8) File Details -
MD5 b9383394aa2b224f717fc62433c50d2a
SHA1 2ef6f9b3a8decb71d5619b07a4f07eb13a33366d
SHA256 2a06283e193c119fefb130e25a6e0c30f4b7675b6c27b33d2b7c6560bad7d3c8
ssdeep3072:gM+lmsolAIrRuw+mqv9j1MWLQ7MTmmsolNIrRuw+mqv9j1MWLQA:z+lDAAxTmDAN
authentihash  31d2df44e0f3798a4b34a0b87ed28a90929ea13470a6f213dfdb729e1f6b4b27
imphash  f34d5f2d4577ed6d9ceec516c1f5a744
File size 207.5 KБ ( 212480 bytes )
File type Win32 EXE
Magic literalPE32 executable for MS Windows (GUI) Intel 80386 Mono/.Net assembly

Comments