LambdaLocker Ransomware - IOC - File Details


1) Ransomware Name - LambdaLocker

2) Encrypted Extensions - .lambda_l0cked

3) Ransom Note File -
READ_IT.hTmL
LambdaLocker.exe
baiduyunSimple.exe

4) Encryption Algorithm - AES+RSA and SHA-256

5) Decryptor Link - NA

6) Screenshot -

7) Indicators of Compromise -
lambdasquad.hl@yandex.com
HuoBi (火币,China): https://www.huobi.com/
BtcTrade (China): http://www.btctrade.com
OKCoin: https://www.okcoin.cn/
Bter: https://bter.com/
JuBi (聚币,China): http://www.jubi.com/
Btc100 (China): https://www.btc100.cn/
BTC-e: https://btc-e.com/
Bitstamp: https://www.bitstamp.net/
GDAX: https://www.gdax.com/
CEX: https://cex.io/


8) File Details -
MD5 bd529e07aa7ae40c11b88849f4ef043e
SHA1 bb0ff189bfded4d40095fbf4f58ba7bd7b728aac
SHA256 527436992d09fa4ad6f7e590e28ea9c416acbde18d96a618aba7f6c071649f0e
ssdeep 196608:lqYMXdM+4nDzOXtvRawDnug4ZIEj+G8fNGOV:lqYeW+4nHOdvQRjR8VGOV
authentihash  7661b0b4b016248a19af5a650054d799d6801c2a0c7856bcb376773606e22b85
imphash  f8f737122031b75e9e37d66860a41780
The size of this file is 8.1 MB (8512834 bytes)
Win32 EXE file type
Description: PE32 executable for MS Windows (GUI) Intel 80386 32-bit


MD5 350a41414868c012159687d0b562eb3d
SHA1 40925299b6841015dd24d0eed7ee114e9bc5290e
SHA256 bdc06ab2585d8aa0ca79bf469401aebe5e30cd1a4f3370aa139be64e63a81755
ssdeep 1536:WV+iakGfQ5FwwhqxSwaTDAWSxG77IOnnToIf7:WUnkGfQ5FwwhqxSwaYWTtnTBf7
authentihash  a90151a23a72087a990cb4a32d7249c7f392a95b2de7213162a1d03400ab762a
imphash  f8f737122031b75e9e37d66860a41780
The size of the file is 64.0 KB (65536 bytes)
Win32 EXE file type
Description: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
