EiTest Ransomware - IOC


1) Ransomware Name - EiTest

2) Encrypted Extensions - .crypted

3) Ransom Note File - NA

4) Encrypted Algorithm - NA

5) Decryptor Link - NA

6) Screenshots -


7) Indicators of Compromise -
.[RES_SUP@INDIA.COM].ID[2D64A0776C78A9C3].CRYPTOSHIELD
res_sup@india.com - SUPPORT;
res_sup@computer4u.com - SUPPORT RESERVE FIRST;
res_reserve@india.com - SUPPORT RESERVE SECOND;
ID (PERSONAL IDENTIFICATION): 9694E***
***stephanemalka.com
***new.theagingbusiness.com
107.191.62.136:80 (США)


8) File Details -
the MD5 bbef5dfa20459447fd71ea3eaac82ca0
the SHA1 293264a77bf83a1e69d3b38428b4c76f0d54780f
the SHA256 2b658da052076ae93ffd1ffa967aaa2663f0d91bdfdc3dd617557e9a4607daa4
ssdeep1536: aGPvrp8P / sVfkJf5 / 5mu4Tw + FGcAYkxQZAaDU + tlCUHdL: Z2sVfkJf5 / 554cE2pQCqQmdL
authentihash  9e1776e90ee887a4aac1737f60229172692ebf32bff11662db4841ab4f729bb3
imphash  b92e835e324afb433b56a8ce8cb49361
File size 93.5 KB (95744 bytes)
Type of file Win32 EXE
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 32-bit

the MD5 f8c69e87a7cbdd41d6c0647307f46c47
the SHA1 f87e668b1ebff2f8cafaddc6df350b683322a782
the SHA256 f4000eedd47fcf95e92a28d2b8f9f99852dd86bd2c79287d2f031ff0264ac3dc
ssdeep1536: 42a8zH5B0Pu5WHJ5M5mu4Tw + FGcAYkxQZAaDU + tlCUHdL: 4In5WHJ5M554cE2pQCqQmdL
authentihash  f9fdcde99aa00784b0c18c8ee41ee01b97c46e837c2b6f3f8150437aa5c80fde
imphash  b4e1872287a9865c24bf407ba1e98a61
File size 93.5 KB (95744 bytes)
Type of file Win32 EXE
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 32-bit

the MD5 abba67209d98730df19e4820c61feff5
the SHA1 a321289bd55c26c82f758b8df465cef091f743fb
the SHA256 3f28091f3e73d31227852e41989ee1b028e105a16296891d6eb7ba2f8769f2c8
ssdeep1536: h0 / s76xfaiDmPycXW58Iap6jro36dELVtMtO0tfP + YEfuRmg0wG + 2xCxHgat / V3: 8xKW58F6jronxCO05P + 1ugwxxHgat / V3
authentihash  f853b5fb567d67144f671a5f45ebe50316e74c9929fd80b245e2fb17db78829e
imphash  711645199ffe0420c8dae3a88e872949
File size 112.0 KB (114,688 bytes)
Type of file Win32 EXE
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 32-bit

Comments