Kangaroo Ransomware - IOC - File Details


1) Ransomware Name - Kangaroo

2) Encrypted Extensions - .crypted_file

3) Ransom Note File - filename.Instructions_Data_Recovery.txt

4) Encrypted Algorithm - NA

5) Decryptor Link - NA


6) Screenshot -


7) Indicators of Compromise - Email: kangarooencryption@mail.ru


8) File Details -
MD5 e5369ac309f1be6d77afeeb3edab0ed8
SHA1 b7afd3c57b074109bf576b77b33d641fd8e87871
SHA256 478383fb588665c254d416b7c50a124f82291124b002d9bad9fd758a59fd728f
ssdeep384: iX8Obeab6xAraECxkJ7PfXXqHbiqZZK09QmY1fTgT01p1MN / 9bZYVJCrZWMMF: i3lvaEcktUic5imoYC0Z3OF
authentihash  5d764ee2d6355e2437a87a38510a6e83ddb52d976976d9e28300e2124583786c
imphash  a2cd52cf31250cbc8e01c8c970423a4b
The size of the file is 18.0 KB (18432 bytes)
Win32 EXE file type
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 32-bit



MD5 3fabc7da050eadf3f39e889f7e517d18
SHA1 cd164dd889e074b83848ade2082ac927afefc9cb
SHA256 ca86c657364522b021bb96b12330373d988d22fc7e42f868b044ee738169b9c9
ssdeep384: iX8Obeab6xAraECxkJ7PfXXqHbiqZZK09QmY1fTgT01p1MN / 9bZhVJCrCWShWS: i3lvaEcktUic5imoYC0ZseH
authentihash  ce01caf3ebebfcb51e518ab65d6f0be1a5f70fca7fe313e71b3d8a71e2fe3d22
imphash  a2cd52cf31250cbc8e01c8c970423a4b
The size of the file is 18.0 KB (18432 bytes)
Win32 EXE file type
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 32-bit

Comments