ransomexx_lin | 5345206850453504[.]zip

Resubmissions

20/10/2021, 07:40

211020-jhnmbaggb9 10

Sharing

Copy URL Twitter E-mail

General

Target

5345206850453504.zip
Size

2.2MB
MD5

ebab02774a42113e1a3b3b823d9a628e
SHA1

4dc47b151dc61bec72fbbdc1c32a68e5c6624139
SHA256

ef4a70c94639b2ece0b5a9efd48bf2cd3443d5ff555e1b042c36ce88cff214bf
SHA512

add19863d3b8b850bba12c6db18d49c77a9c524d4732e93bf2ef9fb8b83632bd488fb9d4b23ee5c692980b4aece8769c890686c2586354a32cb0aa661ae07b51
SSDEEP

49152:ADqIP9u8Sno393NzaKDTLizpy813Ro62TdC1xkALt8ibfJEr1F3wmu8x:ZIP9u3nCjep93Ro6wdC1xkAB8qJW1hw4

Score

10^/10

ransomexx_lin

Malware Config

Signatures

Detected Linux variant of RansomEXX 2 IoCs

resource	yara_rule
static1/unpack001/08113ca015468d6c29af4e4e4754c003dacc194ce4a254e15f38060854f18867	family_ransomexx
static1/unpack001/cb408d45762a628872fa782109e8fcfc3a5bf456074b007de21e9331bb3c5849	family_ransomexx

Ransomexx_lin family
ransomexx_lin

Files

5345206850453504.zip
.zip

Password: infected
05d442aae0f028c67ce2c23740194a6ddd1b90a0d016249a12a03691e26ec2f7
.elf linux x64
08113ca015468d6c29af4e4e4754c003dacc194ce4a254e15f38060854f18867
.elf linux x64
09be7e31ab0d7764a6e7663c49192869cae2ef3630e50d2983414baa820c0479
.elf linux x64
1096decc9692167b649d382a064db26d4051e820d96ff8c70240df0d14845816
.elf linux x64
15a9cdf6c44ffaed6de7004a728e772aa1fcee714b2c29d50c8330a9e5bfa0ec
.elf linux x64
196eb5bfd52d4a538d4d0a801808298faadec1fc9aeb07c231add0161b416807
.elf linux x64
3af0bbb5ea24340b683faa468b9fed504af994c3dba7586fe0b5189523b3ae70
.elf linux x64
4197d6ae64b0c515dc50b0f6e713bd14602e8df2bf2acc28cb259c31d89090ca
.elf linux x64
5b1b1bd309538b2f8656eca5c0e082229b492feb88f9ed9fe76b768204067b8c
.elf linux x64
6c7e48abcff69a76529fefb22c9c1e1b3002a449cd78b5fa61c457feaf181244
.elf linux x64
735e3933effabf3bffa96d06d73452f49dfc9062936748b362921a8000179ebe
.elf linux x64
7ea5215bd0a20e6251e889071d4aaa9cb2c6fdba31a8ffbc37ce071fba14f422
.elf linux x64
9195d8d0ea59261b90691f63bc73b4a0c8fa508da4266e585a9774b3507a1160
.elf linux x64
965323500a59b4a471665514a6781e6ca46054062eb8ab9f2af63d57f9258789
.elf linux x64
ac19696efbb86950f8661ca0a7534f975579e8b6ca8dd38d7990ced5de55d9eb
.elf linux x64
c86eaf3a92c0a89aed4ea5cf629446920e8ed8119093eb5f7437d80c0b8dc895
.elf linux x64
cb408d45762a628872fa782109e8fcfc3a5bf456074b007de21e9331bb3c5849
.elf linux x64
ea9b374a6f917aaef43f4ec761af7305b87e6d9890ec1e7d42183d428ec3fd86
.elf linux x64
ec6b6593066de09a196d4ef6b81fb486cd2f047dcd8a06121f70c17713840b7d
.elf linux x64
fdd501f1ea213c7f826d88e22f726f442e0f32b4b5b8bbe50492d78e7e10fa5d
.elf linux x64

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected