CerberTear Ransomware - IOC


1) Ransomware Name - CerberTear

2) Encrypted Extensions - .cerber

3) Ransom Note File - HOW_TO_RESTORE_YOUR_DATA.html

4) Encrypted Algorithm - NA

5) Decryptor Link - NA

6) Screenshots -

7) Indicators of Compromise -
paket.pw
coincafe.com
104.27.154.158:80 (США)


8) File Details -
the MD5 7d181574893ec9cb2795166623f8e531
the SHA1 79440d8b1e4b8fa222f1be78435f43f86796f6dc
the SHA256 a098c20dd46c6afa031bb653cd6d6eede4260a5a6244cf8c1dffcb4d8565b404
ssdeep12288: fN4XnlsewZadw / WDImKa9X8Lnpy6UG5MZXHEZ6Utif + M4lYklAo: V41NwZadw / WQWyyCMlE8SifgJ
authentihash  ffc39959aa60fa70d82e5ad981476fe04851ac3ed29f7abeef6dcc7ea1e8753b
imphash  e160ef8e55bb9d162da4e266afd9eef3
File size 463.3 KB (474,400 bytes)
Type of file Win32 EXE
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 32-bit

Comments