LowLevel04 Ransomware - IOC - File Details

1) Ransomware Name - LowLevel04

2) Encrypted Extensions - oor.

3) Ransom Note File - help recover files.txt

4) Encrypted Algorithm - AES

5) Decryptor Link - NA

6) Screenshot -


7) Indicators of Compromise -
entry122717@gmail.com
entry123488@india.com


8) File Details - NA

Lortok Ransomware - IOC - File Details

1) Ransomware Name - Lortok

2) Encrypted Extensions - .crime

3) Ransom Note File - ВНИМАНИЕ_ОТКРОЙТЕ-МЕНЯ.txt

4) Encrypted Algorithm - AES-256

5) Decryptor Link - NA

6) Screenshot -


7) Indicators of Compromise - NA


8) File Details - NA

Lomix Ransomware - IOC - File Details

1) Ransomware Name - Lomix

2) Encrypted Extensions - .encrypted

3) Ransom Note File -
.encrypted.original_file_extension
Important.encrypted.docx
README.txt
lomix.exe
<random>.exe

4) Encrypted Algorithm - AES-256

5) Decryptor Link - NA

6) Screenshot -

7) Indicators of Compromise - NA

8) File Details - NA

Lock93 Ransomware - IOC - File Details

1) Ransomware Name - Lock93

2) Encrypted Extensions - .lock93

3) Ransom Note File - ИНСТРУКЦИЯ INSTRUCTION.txt

4) Encrypted Algorithm - NA

5) Decryptor Link - NA

6) Screenshot -


7) Indicators of Compromise -
E-mail: oplaticydadeng@mail. ru
Reserve E-mail: zaplatiddeng@yandex.ru


8) File Details - NA

Locky Ransomware - IOC - File Details

1) Ransomware Name - Locky

2) Encrypted Extensions -
.locky
.zepto
.odin
.shit
.thor
.aesir
.zzzzz
.osiris
.DIABLO6

3) Ransom Note File -
_Locky_recover_instructions.txt
_Locky_recover_instructions.bmp
_HELP_instructions.txt
_HELP_instructions.bmp
_HOWDO_text.html
_WHAT_is.html
_INSTRUCTION.html
DesktopOSIRIS.(bmp|htm)
OSIRIS-[0-9]{4}.htm

4) Encrypted Algorithm - RSA-2048 and AES-128

5) Decryptor Link - NA

6) Screenshot -


7) Indicators of Compromise -
xxxx://6dtxgqam4crv6rr6.tor2web.org/
xxxx://6dtxgqam4crv6rr6.onion.to/
xxxx://6dtxgqam4crv6rr6.onion.cab/
xxxx://6dtxgqam4crv6rr6.onion.link/
***6dtxgqam4crv6rr6.onion


8) File Details -
MD5 8d3576d281200a1e713dc70c2b639aaf
SHA1 00551fa40409d2b2c94ff17a0ab6a42f1828da54
SHA256 cbd9e9038bf5959e134ee55ebd6b8c802ee56c54d987a85441f33b361be3ace2
ssdeep 96:faz/a0gIigdGy9d5gUB1/ocZMftvZlwGAkyRjaoc0GwxYwF:faz/9gIiaGy9DgUB1/ocyfVfwGAZj9cc
The size of the file is 3.8 KB (3879 bytes)
File Type Text
Description ASCII text, with very long lin…

LockLock Ransomware - IOC - File Details

1) Ransomware Name - LockLock

2) Encrypted Extensions - .locklock

3) Ransom Note File - READ_ME.TXT

4) Encrypted Algorithm - AES(256)

5) Decryptor Link - NA

6) Screenshot -

7) Indicators of Compromise -
locklockrs@aol.com
http://b1t.do/locklockrs
Skype : locklockrs
www.locklock.net  (200.63.45.76)
C2: locklock.net/tmp/savekey.php


8) File Details - NA

Locker Ransomware - IOC - File Details

1) Ransomware Name - Locker

2) Encrypted Extensions - NA

3) Ransom Note File - NA

4) Encrypted Algorithm - NA

5) Decryptor Link - http://www.bleepingcomputer.com/forums/t/577246/locker-ransomware-support-and-help-topic/page-32#entry3721545

6) Screenshot -


7) Indicators of Compromise - NA


8) File Details - NA