Crypter Ransomware - IOC


1) Ransomware Name - Crypter

2) Encrypted Extensions - .encrypted

3) Ransom Note File - NA

4) Encryption Algorithm - NA

5) Decryptor Link - NA

6) Screenshots -

7) Indicators of Compromise -
contact_here_me@india.com
frogobigens@india.com.enjey
xxxxs://blockchain.info/wallet/#/signup
xxxx://black-wallet.ru/css/add_text.php?data="[victim data]"
xxxxs://en.bitcoin.it/wiki/Help:FAQ
frogobigens@india.com



8) File Details -
MD5 0b4cc40299df1e43519ba48f99c61596
SHA1 15606360ed8ad458656a249afc68e9514d0882cf
SHA256 8f51ce5e3b3ad1ee8c98e843177711a7759c55c96a9e9becaf77f54f811c69e3
ssdeep 192:QCIxxopDVaiKcoUheXjepaR7nQuz/rMUNzFTaIo1cKP:FAxoKiKRUUTeQM4BFTaX1cK
authentihash 2d33e815795ab55c62d59f14c0a383123a03076aaf156b5a4f7f828ff52b80fb
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 13.0 KB (13312 bytes)
Type of file Win32 EXE
Description PE32 executable for MS Windows (GUI) Intel 80386 Mono/.Net assembly


MD5 054da0ab42fe6bfb974b89f9baa9a3f7
SHA1 e0e7b6cc9cb0986291e1d4b4cb28f27b58c12303
SHA256 30cb2bc30582498bbe682091bb548591670c29b57d5e8e1142947980dc405445
ssdeep 384:PHINV1FrkSTL7dtZZUrLtcK/ujYcV6SUwJFZb:Pob1Fw07ZUfqFYcV6lw9b
authentihash 8f19fbac39f1f77df6b025077706ca6830097180dea448f8d5cbfa0626a16401
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 16.0 KB (16,384 bytes)
Type of file Win32 EXE
Description PE32 executable for MS Windows (GUI) Intel 80386 Mono/.Net assembly
