Gomasom Ransomware - IOC


1) Ransomware Name - Gomasom

2) Encrypted Extensions - .crypt

3) Ransom Note File -
originalfilename.extension
!___*email*@gmail.com__.crypt

4) Encrypted Algorithm - NA

5) Decryptor Link - https://www.google.com/url?q=https://decrypter.emsisoft.com/&sa=D&ust=1503482082983000&usg=AFQjCNHxZ2SXa5dm1Cp_WHswtfj9gqWuMw


6) Screenshots -


7) Indicators of Compromise -
crydhellsek@gmail.com
cryphelp963@gmail.com
helpsend369@gmail.com
panerai794@gmail.com
prosschiff@gmail.com


8) File Details - NA

Comments