Gremit Ransomware - IOC


1) Ransomware Name - Gremit

2) Encrypted Extensions - .rnsmwr

3) Ransom Note File - NA

4) Encrypted Algorithm - AES

5) Decryptor Link - NA

6) Screenshots -


7) Indicators of Compromise -
https://bitcoin.org/en/getting-started
http://pastebin.com/raw/hH9hnfxY


8) File Details -
MD5 d09783a4ced997c23916ae71d52492f8
SHA1 f98e845d7cd04fdad5355be58b930be2ad1daad7
SHA256 5fd942544cbbbdb779918e53d6dad82a24ab23e571ff2d056b95363a28091624
Ssdeep768: ztY1EegyGQL01lRdeA + ois1NE / srv3BHdlV06E6Kuqx + / 5: ztY1EeX01lRHiSNE / srv3LPiNuqE
Authentihash  6d648c27a96696d316689808ffb6d10ce95f6f5ab9b43dc7a6fc91042fb63bd6
Imphash  F34d5f2d4577ed6d9ceec516c1f5a744
The size of the file is 35.0 KB (35840 bytes)
Win32 EXE file type
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 Mono / .Net assembly

Comments