CHIP Ransomware - IOC


1) Ransomware Name - CHIP

2) Encrypted Extensions -
.CHIP
.DALE

3) Ransom Note File -
CHIP_FILES.txt
DALE_FILES.TXT

4) Encryption Algorithm - NA

5) Decryptor Link - NA

6) Screenshots -

7) Indicators of Compromise -


8) File Details -
File size 218.5 KB (223744 bytes)
Type of file Win32 EXE
Description PE32 executable for MS Windows (GUI) Intel 80386 32-bit
