djvu | b67d8f62acc508f376177aade85c68ed2263e97c83495aff6e705874b5b01a0a

General

Target

b67d8f62acc508f376177aade85c68ed2263e97c83495aff6e705874b5b01a0a
Size

738KB
Sample

240219-acchesgb94
MD5

92cdb34ddc3c41a7f5bd3bdf2a56fa47
SHA1

3ac15a53f51b3e98bbff1386a75e854dc91fa36a
SHA256

b67d8f62acc508f376177aade85c68ed2263e97c83495aff6e705874b5b01a0a
SHA512

bc25a779d19ad0dc40e00f9f0cdf4772c13517297a0fc7db56cbd97e2d992cc0298668de00ad07eee177be0278a9554b20e7575626d3e68b1fb3d79e94693646
SSDEEP

12288:76rIfM84caJqBUk+ojvr/LukOi2QRbIeW3eXMrGbWfv3qMUnCCcI7vZFIQnJclyz:76A4OUk+ojvrLuvCRbIzO3bWH3qMqjmk

Score

10^/10

Family

djvu

C2

http://habrafa.com/test1/get.php

Attributes

extension
.lkhy
offline_id
OxV6DGl22io8sqMOW1zCCOlzPiv4f1Vqzw7Y8zt1
payload_url
http://brusuax.com/dl/build2.exe

http://habrafa.com/files/1/build3.exe
ransomnote
ATTENTION! Don't worry, you can return all your files! All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key. The only method of recovering files is to purchase decrypt tool and unique key for you. This software will decrypt all your encrypted files. What guarantees you have? You can send one of your encrypted file from your PC and we decrypt it for free. But we can decrypt only 1 file for free. File must not contain valuable information. Do not ask assistants from youtube and recovery data sites for help in recovering your data. They can use your free decryption quota and scam you. Our contact is emails in this text document only. You can get and look video overview decrypt tool: https://we.tl/t-uNdL2KHHdy Price of private key and decrypt software is $999. Discount 50% available if you contact us first 72 hours, that's price for you is $499. Please note that you'll never restore your data without payment. Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours. To get this software you need write on our e-mail: [email protected] Reserve e-mail address to contact us: [email protected] Your personal ID: 0851ASdw

rsa_pubkey.plain

Family

vidar

Version

7.8

Botnet

13bd7290c1961db27b4ede41bfbf4c5e

C2

https://t.me/karl3on

https://steamcommunity.com/profiles/76561199637071579

Attributes

profile_id_v2
13bd7290c1961db27b4ede41bfbf4c5e
user_agent
Mozilla/5.0 (X11; Linux 3.5.4-1-ARCH i686; es) KHTML/4.9.1 (like Gecko) Konqueror/4.9