crypt32 | bf536ce5dda81ac7309daddf5116d8fe374656f04e65ca9d02751d0fc88c1228

General

Target

32Bit.bin.zip
Size

9.4MB
Sample

200913-jegg8khgp2
MD5

fbff96658807e1f7108856b6579566f3
SHA1

901564760d06cefb6cd9d19b6c3df7aecb827976
SHA256

bf536ce5dda81ac7309daddf5116d8fe374656f04e65ca9d02751d0fc88c1228
SHA512

b23935545bbef08eff509aa251d335fdddb38c111db9c1e20d2b691c3fa9a6a78ca904ac40575abe8826525709b61280a94828118263b1a1fd64b075caa333e3

Score

10^/10

crypt32 ransomware

Malware Config

Extracted

Path

C:\Users\Admin\Desktop\!! YOUR FILES HAS BEEN ENCRYPTED !!.txt

Family

crypt32

Ransom Note

Your files has been encrypted by ransomware! and You can't decrypt with money. Please install heroes of the storm to decrypt your files. Attention: DO NOT TURN OFF YOUR PC! IF YOU TURNED OFF YOUR PC, YOU WON'T ABLE TO DECRYPT YOUR FILES! Emergency contact: [email protected] Warning - Any attmpt of decryption file will delete your private key. 당신의 파일들은 랜섬웨어에 의해 암호화되었습니다. 그리고 돈을 줘도 풀 수 없습니다. 히어로즈 오브 더 스톰을 설치해서 파일들을 복호화하세요. 경고: PC를 끄지 마세요! PC를 끄면 파일을 복원할 수 없습니다! 긴급 연락 이메일: [email protected] 경고: 복호화를 시도하면 파일들은 절대 다시 풀 수 없습니다.

Emails

[email protected]

Targets

- Target
  
  32Bit.bin
- Size
  
  9.7MB
- MD5
  
  62ecfb090d4512c4be0d8abb2d18a5a2
- SHA1
  
  b4584b1f9e2d72c71515d07378aa4b584612fa49
- SHA256
  
  9f52465538d7c804116e77fab868a87c85d318ffc8970fe7e8a2c846d97a1f74
- SHA512
  
  68af16cf93f7043ecc5a46190a02e9335795675e8836148d6f7fa04934d0f3b6652d5b3e612f6ea6059d7380ebb9229dd3f24ac9b8505454d1a6f85914230438
Score

10^/10

ransomware crypt32
- Crypt32 Ransomware
  Javascript Fan-extortionist malware which demands victims install Heroes of the Storm instead of a monetary ransom. Uses Crypto-JS library for encryption.
  ransomware crypt32
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
- JavaScript code in executable
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Crypt32 Ransomware

Executes dropped EXE

Loads dropped DLL

Drops desktop.ini file(s)

JavaScript code in executable

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2