IFN643 Ransomware - IOC - File Details


1) Ransomware Name - IFN643

2) Encrypted Extensions - .ifn643

3) Ransom Note File -
IFN643_Malware_Readme
spoolpdf.anti.exe
spoolpdf.exe
<random_name>.exe

4) Encrypted Algorithm - AES

5) Decryptor Link - NA

6) Screenshot -

7) Indicators of Compromise - NA

8) File Details -
MD5 6667132ea7b5b229cb1e4ac85816b13e
SHA1 4b0360a1ef46cacbf4ff534580f9e235139103a1
SHA256 5113b1962a1cd64501f1b930f1c6e8a3d920f88e87468f131b2608178c539ec4
ssdeep3072: gHTMNUxAYctd3BHvo + sx0OliISrERJaNOFFyXKXoVf6Ag0FujoZA46B / XmY: gHT67YcHBtsWO8xEt4VSAOYuB / 2Y
authentihash  caa6952aa25b77401e04c636db60b733bbeb92a3c9ee59848ced5e47a2d95282
imphash  104fa524dcad8e1b28d3b38ecc2870f8
The size of the file is 199.5 KB (204288 bytes)
Win32 EXE file type
DescriptionPE32 executable for MS Windows (console) Intel 80386 32-bit

Comments