KRider Ransomware - IOC - File Details


1) Ransomware Name - KRider

2) Encrypted Extensions - .kr3

3) Ransom Note File -
KRider.exe
<random>.exe

4) Encrypted Algorithm - AES-256

5) Decryptor Link - NA


6) Screenshot -


7) Indicators of Compromise - NA


8) File Details -
MD5 ea347add66d87351b6ae657bb890614f
SHA1 f5ecb31a9e9067a3d3aade6618e8ea5bfbf517d6
SHA256 5fd2d26cc8910638edc1b36f0c7655591824b755f79ad312e106827db2c8fcb6
ssdeep192: cS / XCOU36PhC1zN / I6Cs4Iv385VmfRyYwXebUKQqsXLqthxH8yWAmS: pX3UqPhWN / n4nmlwX5Sdg
authentihash  c67ba78168bafe122ae05e46ea7e3bc455e190b3b8a98f3d333c179c19a5e0a7
imphash  f34d5f2d4577ed6d9ceec516c1f5a744
The size of the file is 13.0 KB (13312 bytes)
Win32 EXE file type
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono / .Net assembly

MD5 1c0b6cca5cb199aa498679d15c301711
SHA1 849a3987e0e4bc362d23cc258a03d635a0be6c69
SHA256 18f6bd53e57bbddacb68375f835c2b5f7f39f816d48a5d4fd72c1e4837a76e40
ssdeep384: 6lcmLriMBeCHaaxXD0odbMB9lgz5tHoc: 6zrice9E3bGAz5tHoc
authentihash  844859f34f516e42e056eec6f1f20b24e5df715f62b5c5bb9c69c705cccd5648
imphash  f34d5f2d4577ed6d9ceec516c1f5a744
The size of the file is 14.5 KB (14848 bytes)
Win32 EXE file type
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 Mono / .Net assembly

Comments