Erebus Ransomware - IOC


1) Ransomware Name - Erebus

2) Encrypted Extensions - NA

3) Ransom Note File - README.HTML

4) Encryption Algorithm - AES

5) Decryptor Link - NA

6) Screenshots -

7) Indicators of Compromise -
xxxx://erebus5743lnq6db.onion
xxxx://torproject.ip-connect.vn.ua (91.218.89.74 - Ukraine)
xxxx://ipecho.net/plain
xxxx://ipinfo.io/country


8) File Details -
MD5: 0ced87772881b63caf95f1d828ba40c5
SHA1: 6e5fca51a018272d1b1003b16dce6ee9e836908c
SHA256: ed3a685ca65de70b79faf95bbd94c343e73a150e83184f67e0bdb35b11d05791
ssdeep: 24576:DxIWmj1GwuqWt6GoXrxv7EJoD7p1YQzA+GdctrOvpk5P4TB5tP9P6F:Dnqqo5PzA+Gda4TB5tFP6F
authentihash: 08ac66454d9cd3116a78f2d399840c286da8243dffbad987287dc6288fa3dabb
imphash: 528498246e893d454b0afdebdb745c46
File size: 1.2 MB (1249280 bytes)
File type: Win32 EXE
Description: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
