Jhon Woddy Ransomware - IOC - File Details


1) Ransomware Name - Jhon Woddy

2) Encrypted Extensions - .killedXXX

3) Ransom Note File -
WindowsApplication1.exe
Receipt.exe

4) Encrypted Algorithm - NA

5) Decryptor Link - https://www.google.com/url?q=https://download.bleepingcomputer.com/demonslay335/DoNotOpenDecrypter.zip&sa=D&ust=1505062299909000&usg=AFQjCNEFCmpj4N4G_n8enWpgesDudAWNGA


6) Screenshot -

7) indicators of Compromise - NA


8) File Details -
MD5 39b1a5e9d1c343a1a2a29247f9ec5699
SHA1 5e6f9e075d196de2613f8023a672f1e72fce331e
SHA256 a465bc08714bc760130a3f150a704df2f08af083b2aaf0c931e714019f3769e3
ssdeep12288: jueNLldLN97ji4pSc9B / CfvgLMfedSaPLaz7hyViDK: juqldL / 3da9fqhaz74V
authentihash  d2836995d95fbcd6c4cacff234d5a6b251f34cf1ebc8feabbaa566726988267a
imphash  f34d5f2d4577ed6d9ceec516c1f5a744
The size of the file is 408.5 KB (418304 bytes)
Win32 EXE file type
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono / .Net assembly

Comments