General
-
Target
https://github.com/im-Satyendra/Ransomware-builder
-
Sample
240211-nwy3eshh38
Score
10/10
Malware Config
Extracted
Path
C:\Users\Admin\AppData\Local\read_it.txt
Ransom Note
Don't worry, you can return all your files!
All your files like documents, photos, databases and other important are encrypted
What guarantees do we give to you?
You can send 3 of your encrypted files and we decrypt it for free.
You must follow these steps To decrypt your files :
1) Write on our e-mail :[email protected] ( In case of no answer in 24 hours check your spam folder
or write us to this e-mail: [email protected])
2) Obtain Bitcoin (You have to pay for decryption in Bitcoins.
After payment we will send you the tool that will decrypt all your files.)
Emails
Targets
-
-
Target
https://github.com/im-Satyendra/Ransomware-builder
Score10/10-
Chaos
Ransomware family first seen in June 2021.
-
Chaos Ransomware
-
Downloads MZ/PE file
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Legitimate hosting services abused for malware hosting/C2
-