Difference between revisions of "CryptXXX"
(Created page with "{{Botnet| }}") |
|||
(2 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
{{Botnet| }} | {{Botnet | ||
|Sibling=Reveton, | |||
|Vector=Angler, Bedep, | |||
|CCProtocol=TCP/443, | |||
|Feature=Launch delay, Virtual machine detection, Monitor mouse events, Check CPU name in registry, Encrypt files, Data theft, | |||
|Checksum=3b6cdb0d03f07af774ea34a964a6e2fb6ce321d7adc487af0486f13e5aed0304, a4e9c151a50595b59e787dd3b361ac53d02dd7f212d6b22639dc01776c886d05, 565dadb36e1d8b0c787d0d5e4cd7ec8c24cac1d6b37637427547ae465ab0fff0, 0b12584302a5a72f467a08046814593ea505fa397785f1012ab973dd961a6c0e, | |||
|String=CryptProjectXXX, | |||
|Programming language=Delphi, | |||
|BeginYear=2016 | |||
|Group=Cryptolocker, | |||
}} |
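Review bot: the `Checksum=` line lists four 64-hex-character values without naming the hash algorithm. The length is consistent with SHA-256, so state that in the parameter or in the rendered "Checksums" section so the values can be matched unambiguously. `CCProtocol=TCP/443` likewise records only a transport and port, not the protocol spoken over it, and the `Feature=` entries have no descriptive text under the page's "Features" heading.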
Latest revision as of 22:27, 19 April 2016
CryptXXX | |
---|---|
Alias | |
Group | Cryptolocker |
Parent | |
Sibling | Reveton |
Family | |
Relations | Variants: Sibling of: |
Target | |
Origin | |
Distribution vector | Angler, Bedep |
UserAgent | |
CCProtocol | TCP/443 (Port) |
Activity | 2016 / |
Status | |
Language | |
Programming language | Delphi |
Operation/Working group |
Introduction
Features
String(s): CryptProjectXXX
Associated images
Checksums / AV databases
- 3b6cdb0d03f07af774ea34a964a6e2fb6ce321d7adc487af0486f13e5aed0304 | Virustotal
- a4e9c151a50595b59e787dd3b361ac53d02dd7f212d6b22639dc01776c886d05 | Virustotal
- 565dadb36e1d8b0c787d0d5e4cd7ec8c24cac1d6b37637427547ae465ab0fff0 | Virustotal
- 0b12584302a5a72f467a08046814593ea505fa397785f1012ab973dd961a6c0e | Virustotal
Publications
Title | Author | Editor | Year |
---|---|---|---|
CryptXXX: new ransomware from the actors behind Reveton, dropping via Angler | Kafeine | Proofpoint | 2016 |