CuteRansomware - IOC


1) Ransomware Name - CuteRansomware

2) Encrypted Extensions -
.已加密
.encrypted

3) Ransom Note File -
你的檔案被我們加密啦!!!.txt
Your files encrypted by our friends !!! txt

4) Encrypted Algorithm - AES(128)

5) Decryptor Link - https://www.google.com/url?q=https://github.com/aaaddress1/my-Little-Ransomware/tree/master/decryptoTool&sa=D&ust=1499959783564000&usg=AFQjCNHFUFweJPcTt1Q8N98jyjGuQMBO9g

6) Screenshots -

7) Indicators of Compromise - NA


8) File Details -
the MD5 d23cf2f86cc17fc3e349f21f352df768
the SHA1 838fe617845e7ae84d1b1f64c024bab8135c81dd
the SHA256 54412886df7c047a42393e1e0f509da55a27c6b953a9a80b2f18b8ae78628deb
ssdeep192: fOUq5NSlPULv + UDojwg3fqDa4W6mxlYKC87TUvhrdVUK98UNNQ8MB9lgz5tHPwmx: hq50pwgiaFxlhUvTRNBMB9lgz5tHoc
authentihash  9091da24c488684313a74729107ddc116e9f998ea658392e37789f7565579531
imphash  f34d5f2d4577ed6d9ceec516c1f5a744
File size 15.0 KB (15,360 bytes)
Type of file Win32 EXE
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono / .Net assembly

Comments