EnkripsiPC Ransomware - IOC


1) Ransomware Name - EnkripsiPC

2) Encrypted Extensions - .fucked

3) Ransom Note File - NA

4) Encrypted Algorithm - NA

5) Decryptor Link - https://www.google.com/url?q=https://twitter.com/demonslay335/status/811343914712100872&sa=D&ust=1500466598643000&usg=AFQjCNGMHEwVDzbnZovW9DlpSocHGdji_Q


6) Screenshots -

7) Indicators of Compromise -
LINE: manusiapartGS
Facebook: muhammad.f.nazeeh
Youtube: humanpuff69
email: fulldoang@gmail.com
mgfakhri@gmail.com
muhlubaid69@gmail .com
ID KOMPUTER = WMMT/RM


8) File Details -
the MD5 25847c1160184f20bd72e99fe0aa45af
the SHA1 1b3d1be9f3fe9237b38df4bb399417b430a55fba
the SHA256 d09d242ee69980b0d63119ea6c37551336244a8fc57b3f528572d833dc25dd69
ssdeep24576: DW5r8XKFsKyezFujabHFq9f + qsN9ohyAffZjk9GGvAVi1Pn2M8: vKyexqiFm + fSoAffZjk90Y1P2M8
authentihash  29bd198a3d5fa31e0be921f04be761fc2ffb91eb109ae98cc645e8f9cb531829
imphash  dd643fe47127e173d2302c8f84c76bad
File size 1.1 MB (1105853 bytes)
Type of file Win32 EXE
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 32-bit

the MD5 ab609927ee678f70aa763e0bfe0a6a73
the SHA1 ad8f5430abbb5a71674c5c84d1c2f3c09f243536
the SHA256 7650540f792f1c607203b49f98008cf9218b9c3684469cab530e1234d10705a2
ssdeep3072: ntqIs + cs + 8taYgb1UoAwktFXn7kKHcTuZBnKCJsfWmXTds9qEdhjutZYRHAMQSXf: SYgbyNxLbHmeKC + W2Yq6lmeR
authentihash  b38338d6955754d26d2d593cdf6c3a6f3c1a10e16ccbcc96dd0b905005f88551
imphash  f34d5f2d4577ed6d9ceec516c1f5a744
File size 1.3 MB (1316864 bytes)
Type of file Win32 EXE
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono / .Net assembly

Comments