iRansom Ransomware - IOC - File Details


1) Ransomware Name - iRansom

2) Encrypted Extensions - .Locked

3) Ransom Note File -
iRansom.exe
iRansom_2_.exe

4) Encrypted Algorithm - AES

5) Decryptor Link - NA


6) Screenshot -


7) Indicators of Compromise -
BTC wallet ID: GALAXYHIREN@SIGAINT.ORG
https://support.coinbase.com
Wallet ID: 18Md4ne***


8) File Details -
MD5 5c90ae70d8c5e24f9f1ecdba1efe25cc
SHA1 87829722251a5b2b9affab7e4fff47559a6d759b
SHA256 a6317e998f57a83a78b005ed453d4c29f44f3d36eda553f4c8894a924012964e
ssdeep24576: qQOaeJC + I4nYVj73RIKz5HlAMcR8pAfCfKDprsnYVj73RIKz5HlAMcR8pAfCfKDh: aoYYh3 + 0lAkqCKpIYh3 + 0lAkqCKp
authentihash  d467377813b6d8e9a82705ab8842372bf48b1e98d7bcb8d20958a20bce801d52
imphash  f34d5f2d4577ed6d9ceec516c1f5a744
The size of the file is 1.7 MB (1733120 bytes)
Win32 EXE file type
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono / .Net assembly

Comments