CryptoWire Ransomware - IOC


1) Ransomware Name - CryptoWire

2) Encrypted Extensions - .encrypted

3) Ransom Note File - NA

4) Encrypted Algorithm - AES(256)

5) Decryptor Link - NA

6) Screenshots -

7) Indicators of Compromise -
CryptoWire.exe
<random_name>.exe
README.txtblockchain.info (104.16.54.3)



8) File Details -
the MD5 41d4ab0de7f56c1d4b38fc10c25518f9
the SHA1 4928a320c5bdefb1e8c4c9f25fcd200ce3af0db7
the SHA256 5684f8b6422ec02116b5ae28480756005e58cd4cfc5701d94fa180ea06de96d6
ssdeep12288: lCdOy3vVrKxR5CXbNjAOxK / j2n + 4YG / 6c1mFFja3mXgcjfRlgsUBgawT9dAa0Q: lCdxte / 80jYLT3U1jfsWaI9d30Q
authentihash  812fbdc7bf814bd32d26269a66c9df2638b1bfe1b3efdf28618a0ad47bfc255a
imphash  afcdf79be1557326c854b6e20cb900a7
File size 873.5 KB (894,464 bytes)
Type of file Win32 EXE
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 32-bit

Comments