Crptxxx Ransomware - IOC


1) Ransomware Name - Crptxxx

2) Encrypted Extensions - .crptxxx

3) Ransom Note File -
HOW_TO_FIX_!.txt
README.txt, HOW_TO_DECRYPT.txt

4) Encrypted Algprithm - NA

5) Decrptor Link - NA

6) Screenshots -





7) Indicators of Compromise -
xxxx://dokg5gcojuswihof.onion
xxxx://m5r2t7rwszffszra.onion
xxxx://m5r2t7rwszffszra.onion.to
xxxx://dokg5gcojuswihof.onion
xxxx://dokg5gcojuswihof.onion.to
См. ниже результаты анализов.


8) File Details -
the MD5 59e46b0317094cd4a2be5e46b8158ebd
the SHA1 494b1e67c22ba50ac225c9b72f8fd875e20c755c
the SHA256 a74244ee11a9100807b19c6353868dc0761b738833a0616e3be8dc5fa6cdf3ce
ssdeep12288: Fece7pAYsW8oGZq3E01FodROvXwgMAqnu3BJ888888888888W88888888888: Be7pAYOomGXwgt + u3
authentihash  05c94c4b0df9463ce8c9982525740a0d0cc88062fb8b81e1eff99bf5f1527525
imphash  cc218cb1cee1d5b3102b1043d77ae094
File size 492.5 KB (504,320 bytes)
Type of file Win32 EXE
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 32-bit

Comments