CryptoHost Ransomware - IOC


1) Ransomware Name - CryptoHost

2) Encrypted Extensions - NA

3) Ransom Note File -
RANSOM_CRYPTOHOST.A
RANSOM_PETYA.SMA

4) Encrypted Algorithm - AES(256) (RAR implementation)

5) Decryptor Link - https://www.google.com/url?q=http://www.bleepingcomputer.com/news/security/cryptohost-decrypted-locks-files-in-a-password-protected-rar-file/&sa=D&ust=1499261274480000&usg=AFQjCNHbfaVKz11PfHOUWELsKPsT_sViWQ



6) Screenshots -



7) Indicators of Compromise - NA



8) File Details -
FILE SIZE: 501,760 bytes
FILE TYPE: EXE

Comments