Guster Ransomware - IOC



1) Ransomware Name - Guster

2) Encrypted Extensions - .locked

3) Ransom Note File - NA

4) Encryption Algorithm - NA

5) Decryptor Link - NA

6) Screenshots -


7) Indicators of Compromise -
nucklearsupport@yandex.ru
xxxx://goolserver.ultimatefreehost.in/proxy.php?idnt - C2


8) File Details -
MD5 ec2a8d8f7853397f86a4c96fdbe01b19
SHA1 daaeb314219acb7f10268512c8358a6941d53da3
SHA256 0ed3c87ce3ae58f3dcbf46fa022acd3cbbe0b96af2e9f7a47eee0dd50af88507
Ssdeep 49152:yKRy/NLHsvdoewagi6rndXTrKdRRzsdydWLToel51txKRy/N:yKRshsdo/PrndXTrKdRRwZLJl3KRs
Authentihash cc50a78ceb39227eb2c4439c5d6256ac10953d3a0bb5ba35699b2e4794bdc9f0
Imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 2.9 MB (3065344 bytes)
File type Win32 EXE
Description PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono / .Net assembly
