General

  • Target

    584e1baf837bfefe947680528557ca0b

  • Size

    4KB

  • MD5

    584e1baf837bfefe947680528557ca0b

  • SHA1

    76f3ef6aa790260ecc53c8dfc977a3de34c2c636

  • SHA256

    bbd867fd359e4d594b8a153f56c4f377336a7f007b618c13096ce872d445814c

  • SHA512

    9f40fdc50f7126f5b6de70cae2f7000df96492097899583c8e521aa73263fac876b1558093e01cade06c747b73f861e0fa6d4e4dac3d08ac047920132cd65b57

  • SSDEEP

    96:mSxNJUiL/zljJrZ2DMiiwZxStyCsT2LHsqwsjwr4d:mSxNJdz7N2iwZMFc2TsqPjwr4d

Score
10/10

Malware Config

Extracted

Ransom Note
#ALL YOUR FILES ARE ENCRYPTED AND STOLEN BY RAGNAROK Dear Sir Your files are encrypted with RSA4096 and AES encryption algorithm. But don't worry, you can return all your files!! follow the instructions to recover your files Cooperate with us and get the decrypter program as soon as possible will be your best solution. Only our software can decrypt all your encrypted files. What guarantees you have? We take our reputation seriously. We reject any form of deceptionYou can send one of your encrypted file from your PC and we decrypt it for free. But we can decrypt only 1 file for free. File must not contain any valuable information. When hiring third-party negotiators or recovery companies. listen to what they tell you. try to think. Are they really interested in solving your problems or are they just thinking about their profit and ambitions? By the way.We have stolen lots of your company and your private data which includes doc,xls,pdf,jpg,mdf,sql,pst... Here we upload sample files of your company and your private data on our blog : http://sushlnty2j7qdzy64qnvyb6ajkwg7resd3p6agc2widnawodtcedgjid.onion/ We promise that if you don't pay within a week, we will package and publish all of your company and your data on our website. We also promise we can decrypt all of your data and delete all your files on internet after your payment. Such leaks of information lead to losses for the company. fines and lawsuits. And don't forget that information can fall into the hands of competitors! For us this is just business and to prove to you our seriousness. Our e-mail: [email protected] Reserve e-mail: [email protected] Device ID: AAwXyEjL5YjL4YTMuITOxwSMwMVSJ1iVSNFLEVUM0YjMBZTN1Q0NwczM2MTNGFTM5YkQzkzNygTMygjR2gTRykDM3QDOzQEMDJ0NyUkMEljMDJTQ3UENzQ0QBdzQDVTO2E0MyE0Q0YTQ4EkMzIDMFBjQGZDO3QTNCNTQCVjNGJDMCVER1MDRGZEMEV0NwMkR0IEREFTOGFUREVzMFdTNEZTOERjMFVDRBdTRwQkNykzMzcDMyUEREZUQFVUN2UUOxADM0IEM0IjM1YUQ5MURwkTR2QTNFZkNGNjREJ0N3MUR5YkN3IkN2MEMykjMEVjQERkMDRUN5IjN4cDNCVzNGZDM0kjQFVjMGFERGFUNyYUQCRjNyYTOwY0N4AzM3cjNDNTODhjRDV0QFhjRCZTOwY0MzYTM2I0MwUTR1MzNEZDNDV0MyUzNCNTMCdjMzQURFBjRzcjM4EENBNERFF0N4ITN5ATQwUDN2kjQzQzNGVENGVURFBTNCNzMwIDM3YUN2EkQ0kTMyMTRwMzQ1ITOwQUOwU0QFVDOEJTRwgTOwUjNyYkQxQkMDdzNwU0NyYUM3EUOyEkREVUM5UUMEJkM4MzQ1YzN5YjQwADNDVjMEJ0NwgTR4cTM5YzNwQjRGJTR1czNGR0MwgzMxITOEJUMCZDNBdTMGhTMEljR1AjR3IDMCZENEdjMBdTM1E0NxQER4MkRBZUMElTOEBjN5EERwUzMBBjN4QTNFJTOBNTM4EkQzITMyEDMxAjQxYTRxATQwETN5MERygjQFRzNzU0MxgTMyM0NDNzN3UUOyAjMzcjRzQzM2QkRCdzM4czM0gDM1EDODlTM4MUR2EjRwcjR0ITQCZURwEUOxQDOEdDOzQUMGFTNEVUQ4MTQ1QkNGZEN1QjRFZkQ3AjMCVDN5cTMBJDRxQUODFERyUTR1YDM1YDNBdTQyMDMxUjMxIjQwMTNCFDMElDR1czQxUEOFBTQChTNzQUO4kzMBZzQ4QTO5IDM2MkQElTNFdzN4YjN3kTO2YEOwEDRBZjQFFEO1QjRDhDN3cTR0AzM1czNERDR4QjQ3EER3MkN4U0M4MkREFTNERTMFJzN3MUOCFTRBlTN4UTOBdjR2czMGlDRBJzNxUkQDljQ2QjNyQ0Q2QTRwgzQ4EDN3AzMCBDRBdjQxUTNBVkMBZTQEFTMzkDRxYUQ0EkMwQUNCJUR2MDN3EzQ3YkRyQkQBVzQ2YEN2cTOENDR5UDR0MDMwQjR1YkRwUzNxITOFJzMFZjQ4EDNyMTQDdDR4MDRFVzMEJUNDFjNEVDRCFkMGBTQxUUR0IUODZTQ4IDO5czQ2U0QDJDNDVUNFdTN5gjRzATRxEkR0MjQ0EkNGFEN2QzQ0MkRBJUOENkR5EUMENkQDZURygzMwwyM0cTOFlTOxETR2YjR1gDNBFTOFFUOzkzN5MUNyQjR3gTNDJjM2EEO2UjM1MTM2Q0N4U0MyMkQwYjQDVUO0QkQ2ETQ4EUNDR0M0IEMDhDM0EEN4gzQ2EDMGFjNDZ0NGhDO1AjNzMDM5ATM2MTR1czQzEERwQkRBlDN1MDMwUUO3gTMBFUQEBTQ0UzNxIERygjQ5cjR3ITR5kjM5UTQ5MUNBhTMEdjQ2UEOzQkRDVjRyY0NwUUNCdDMBJDOENjRBZDRGZjMyYTMDFjM2gDMEVUMzcDRwkjQ1cTQBJjQBlDMBRTQCVTRGdjQ1YTMyYDOEZDMFdjRwEkMFhDNxEjQFVUR0gTRxY0Q2gjQGJzQ2MEMzQkMERkR3IERBdDRxczMFlTNwMjQ2YkN1ATNyIzN4MUM4EjN5QEM3UDNzUkQwUTMFVDMygjMyIzMCdTMzADMyIUM5czQ2YUOwUTM4ITN4kTM2gzQwMkM4YDRBljN2AjQ4EDOzcTOyUDRDZkMyMDNGVDM1ADO5U0NGNEOGBDRENjNzUUMDZUOGJDRGJUN1M0MEJzNwYTN5QTO3QTQwMDRDhjNEZEOGhDOxEkQ0ATQ0IjM5YER3IUMGVUOCVjRxM0MDVzN5QEN3QkRxEkRCNjNGljMxQjQFVUR5IjR4EDN4UTNBNUN3MDO1QUOyUzMzMzNwYTO0IjMBJDRxgTN3AzN5AzMDFjQDBDNDZ0NzATRDVDN4ETRFFkM1EDOxIUN1kDNEVjQFNTMGZUQEFTNFFERxgDMCJjMwQTMDRjRBdTODJUOGZTRCFUOyMUOCZTOCBTN5UzQGJER1kDN4AjMxgjMDFDRDFTRGVzMCVDM2AzMwYzQzQzM2YjM4gDMwIkMBRzN0QUNCljRxMTR4UjMDhDOGhDNyEUN5QEMDFzN5MjNzkTNBRkR2gDMBV0MzYjQ4MDN0UTN1ADN3IjM2MDNBVUNFJDN5EzMxEkMyE0NEVzQ0EkM0YEOFVTQBRzN0kDMDZUQ1EUO2IjQ0IjMGJjR3EEM0EUMwY0Q1EkRCdjMEZUOyUzN1QDNxMzNwIDMxcDR4IkM5Q0MFNkRFlzQ5ETOCNjN2QTMyQEM0YkQwY0MzMDO2UUNFdTMBZTMCVTNyUUQCNkNwMzMxIjM0gjQxgzNyQEM1MUN5EjM0UUQGBDM0kjNCJUO2gDMxkTR5QDMFRkNEdzN5QzNyMDO0IzNEVUNElTOxEjM3YjQxIjNwgTQDZzQ2I0NEFUQ3ETRycDNyAjQ0kzMGNEN2QjNyQEOGhzN5IEOzEjQCNUNyMzMEFjM2EURFVzMGJkMyYUM5cjM2MjM3UENEZ0N2M0NxIjN5cjMDVDO1EDMClzM3IDO5IUQCZzQwYzN
URLs

http://sushlnty2j7qdzy64qnvyb6ajkwg7resd3p6agc2widnawodtcedgjid.onion/

Signatures

Files

  • 584e1baf837bfefe947680528557ca0b
    .html