General
-
Target
195a1s0ssssd7da.exe
-
Size
717KB
-
Sample
200709-y5l8sjy712
-
MD5
f5bac73547f97032c8894732a351e065
-
SHA1
5df55474424dd0445ffb0c8f2b55e26f3d247f34
-
SHA256
b528251075071c38ce1e0b667af69434125bd6f8afb0de6401b83b41939b2ced
-
SHA512
b0982846d4c347d360f69906f164fd4a21163c02e7edf17a89aadfd1c401095120a002f661b408a02e9b4405d696b750a21453aaf2075c0092aabd9aeb120fbe
Score
10/10
Malware Config
Extracted
Path
\??\M:\Read_Me.txt
Ransom Note
Attention!
All your files, documents, photos, databases and other important files are encrypted
The only method of recovering files is to purchase an unique decryptor. Only we can give you this decryptor and only we can recover your files.
The server with your decryptor is in a closed network TOR. You can get there by the following ways:
----------------------------------------------------------------------------------------
1. Download Tor browser - https://www.torproject.org/
2. Install Tor browser
3. Open Tor Browser
4. Open link in TOR browser: http://7rzpyw3hflwe2c7h.onion/?FXYABDFG
5. Follow the instructions on this page
----------------------------------------------------------------------------------------
On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free.
Alternate communication channel here: http://helpqvrg3cc5mvb3.onion/
URLs
http://7rzpyw3hflwe2c7h.onion/?FXYABDFG
http://helpqvrg3cc5mvb3.onion/
Targets
-
-
Target
195a1s0ssssd7da.exe
-
Size
717KB
-
MD5
f5bac73547f97032c8894732a351e065
-
SHA1
5df55474424dd0445ffb0c8f2b55e26f3d247f34
-
SHA256
b528251075071c38ce1e0b667af69434125bd6f8afb0de6401b83b41939b2ced
-
SHA512
b0982846d4c347d360f69906f164fd4a21163c02e7edf17a89aadfd1c401095120a002f661b408a02e9b4405d696b750a21453aaf2075c0092aabd9aeb120fbe
Score10/10-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-