Digisom Ransomware - IOC


1) Ransomware Name - Digisom

2) Encrypted Extensions - b0C.x

3) Ransom Note File - Digisom Readme0.txt (0 to 9)

4) Encrypted Algorithm - NA

5) Decryptor Link - NA

6) Screenshots -

7) Indicators of Compromise -
xxxx://www.digisom.pw
digisom.pw (68.65.122.94:80 - США)
***goldenwordsoftheday.com/
***airbnb.es-farina.es/cat/listing/



8) File Details -
the MD5 5559da82149923247fc9d02a04004a13
the SHA1 6cf41cf84ff2c2dbf2591ee8d739fe123cbb3fc9
the SHA256 f0c088b1084a809b0f6890d704ec28f6e91e4f18fc114ca0b05d58ae2a24f398
ssdeep12288: LigP + 849Yv4YWzHJajwdWsP8EyGLwrOW4btnTWjldsr1bOmZDe: LNXNvXKUjklPUSVxwMZS
authentihash  9ecf0b512c5c811279636960592ab93733c732a98a2ff15c91821ce776c8d5f4
imphash  9e770102ed57229b6f63411f707d6cfb
File size 714.5 KB (731,648 bytes)
Type of file Win32 EXE
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 32-bit

the MD5 051db71cdfd3a5e1f99cdec2c964b771
the SHA1 7f0e762fe6aa75e2c5ca2eb09cdfc18d9b466ff8
the SHA256 9b97fc63b6559474a69171dba923c67579e4a470066c938c06632a92903150fd
ssdeep768: dEHYhLeY + DQOfdtWNbtKwu4j7 / qKMWBO5PJb: iHYhLcDQO3WNbtK + RMWBi
authentihash  51c31fae1fe427aa680662bcb8e275da4b7f41a2e6c22b6701cef3846f8090ff
imphash  f34d5f2d4577ed6d9ceec516c1f5a744
File size 96.0 KB (98304 bytes)
Type of file Win32 EXE
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 Mono / .Net assembly

the MD5 88bca052a833461e2dd2b3170fff76c0
the SHA1 1304478347bd7f47b84cd39ffc545ac1f55707c1
the SHA256 11edf9436a9205c88c2a815cf6ebfb0a7a42eb150a2649766b3bb30350ee35ed
ssdeep3072: XT8Q2YM + ti7mMzJ5HQOEzsTKshIK7Yw31MXM2fbGBeaIIadcXnMFGoF: j8epiyiwl01MTc2jGQjZdc6GoF
File size 184.1 KB (188,499 bytes)
File Type PDF
DescriptionPDF document, version 1.3

Comments