Difference between revisions of "Casier"
m (Text replacement - "=Unknown" to "=") |
|||
(One intermediate revision by the same user not shown) | |||
Line 17: | Line 17: | ||
|Parent=Goldenbaks, | |Parent=Goldenbaks, | ||
|Target=Microsoft Windows, | |Target=Microsoft Windows, | ||
|UserAgent= | |UserAgent= | ||
|CCProtocol= | |CCProtocol= | ||
|Status= | |Feature=Affiliation, | ||
|Status= | |||
|BeginYear=2012 | |BeginYear=2012 | ||
|EndYear= | |EndYear= | ||
|Group=Police lock, Ransomware, | |Group=Police lock, Ransomware, | ||
|Illustrations==== 2012/09 === | |Illustrations==== 2012/09 === |
Latest revision as of 15:47, 8 August 2015
(Botnet) Link to the old Wiki page : [1] / Google search: [2]
Casier | |
---|---|
Alias | Retacino, Karagny.L, Undefined-07 |
Group | Police lock, Ransomware |
Parent | Goldenbaks |
Sibling | |
Family | |
Relations | Variants: Sibling of: |
Target | Microsoft Windows |
Origin | |
Distribution vector | |
UserAgent | |
CCProtocol | |
Activity | 2012 / |
Status | |
Language | |
Programming language | |
Operation/Working group |
Introduction
Samples of the Karagny.L (? MS) Dropper: MD5:
http:
logunasens10.in POST /image/9rs/price.php 64.62.146.82
lewinckybest50.in POST /image/vladiny/price.php HTTP/1.1 64.62.146.81 04/09/12
87.107.121.138 POST /price.php 21/10/12 - SubC&C
Features