CryptoWall 1 Ransomware - IOC


1) Ransomware Name - CryptoWall 1

2) Encrypted Extensions - .encrypted

3) Ransom Note File -
DECRYPT_INSTRUCTION.HTML
DECRYPT_INSTRUCTION.TXT
DECRYPT_INSTRUCTION.URL
INSTALL_TOR.URL

4) Encrypted Algorithm - NA

5) Decryptor Link - NA

6) Screenshots -


7) Indicators of Compromise -
helprecover@ghostmail.com
http://vswefkqsipoeuq5o.onion
Download and install tor-browser: http://www.torproject.org/projects/torbrowser.html.en
2. After a successful installation, run the browser and wait for initialization.
3. Type in the address bar: vswefkqsipoeuq5o.onion



8) File Details - NA

Comments