CryptoBit Ransomware - IOC


1) Ransomware Name - CryptoBit

2) Encrypted Extensions - NA

3) Ransom Note File -
OKSOWATHAPPENDTOYOURFILES
helloreadmenow23.TXT
helloreadmenow24.TXT

4) Encrypted Algorithm - AES and RSA

5) Decryptor Link - NA

6) Screenshots -

7) Indicators of Compromise -
torrenttracker@india.com
realstatistics.info
kjyrxilohcowy.dyndns.org
smobutdobesy.dyndns.org
laoismacau.com
videodrome69.net***
bitmessage.org
epiclesis@protonmail.ch
kyklos@lelantos.org
kyklos@scryptmail.com
malakia@anoninbox.net
malakia@openmailbox.org
sycophant@sigaint.org


8) File Details -
the MD5 6e071bc7c9bf314430516bc4cdd56765
the SHA1 c2d911414f3782a1193b56401aa54b9a6af9cd72
the SHA256 a67855dbd18652e99f13d29045b09391382bb8c817cda1e498cd01eb4a7bdf2c
ssdeep3072: nAuYPfpJmUlmHgdxkJ1W6V61EQwCzs10: nZYPxJhlmHUkJUMQwYH
authentihash  f701be93185ed7ca392e922359a2c61eb8d2483614149b18f9aada1c15b548b1
imphash  510cca39ee3be3ccf27ae580cb285e22
File size 121.5 KB (124416 bytes)
Type of file Win32 EXE
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 32-bit

Comments