djvu | cde120f958f8f3d4e9a8b895d4cb7341785e4c0da7c7fdb6974b2001ff5d95c2

General

Target

cde120f958f8f3d4e9a8b895d4cb7341785e4c0da7c7fdb6974b2001ff5d95c2
Size

729KB
Sample

240214-fhwfdahe6z
MD5

b0962d4bbd7edc329387f91b6264a31e
SHA1

ea0e3db85a02028ff7bd0f46bd47b9a8d22582a6
SHA256

cde120f958f8f3d4e9a8b895d4cb7341785e4c0da7c7fdb6974b2001ff5d95c2
SHA512

d8bc4111e5699556c8f8763c1621c12101c59afd37ff4b11c47eef133788009998fbcf4914ced95ca1676f0aa026766c17e09660d42fae6a8a5fb1af537dca74
SSDEEP

12288:IzB/LSLCe77k2khNvH9WQxAilnpBZUxujc+EoCExnANnCN76q8XL4fVzd6O:IzpeCe7ghddWQxAcpBZU4jc+5SCWXkfD

Score

10^/10

Family

djvu

C2

http://habrafa.com/test1/get.php

Attributes

extension
.lkhy
offline_id
OxV6DGl22io8sqMOW1zCCOlzPiv4f1Vqzw7Y8zt1
payload_url
http://brusuax.com/dl/build2.exe

http://habrafa.com/files/1/build3.exe
ransomnote
ATTENTION! Don't worry, you can return all your files! All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key. The only method of recovering files is to purchase decrypt tool and unique key for you. This software will decrypt all your encrypted files. What guarantees you have? You can send one of your encrypted file from your PC and we decrypt it for free. But we can decrypt only 1 file for free. File must not contain valuable information. Do not ask assistants from youtube and recovery data sites for help in recovering your data. They can use your free decryption quota and scam you. Our contact is emails in this text document only. You can get and look video overview decrypt tool: https://we.tl/t-uNdL2KHHdy Price of private key and decrypt software is $999. Discount 50% available if you contact us first 72 hours, that's price for you is $499. Please note that you'll never restore your data without payment. Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours. To get this software you need write on our e-mail: [email protected] Reserve e-mail address to contact us: [email protected] Your personal ID: 0851ASdw

rsa_pubkey.plain

Family

vidar

Version

7.8

Botnet

13bd7290c1961db27b4ede41bfbf4c5e

C2

https://t.me/karl3on

https://steamcommunity.com/profiles/76561199637071579

Attributes

profile_id_v2
13bd7290c1961db27b4ede41bfbf4c5e
user_agent
Mozilla/5.0 (X11; Linux 3.5.4-1-ARCH i686; es) KHTML/4.9.1 (like Gecko) Konqueror/4.9