Difference between revisions of "Casier"
Line 23: | Line 23: | ||
|BeginYear=2012 | |BeginYear=2012 | ||
|EndYear=Unknown | |EndYear=Unknown | ||
|Group=Police lock | |Group=Police lock, Ransomware, | ||
|Illustrations==== 2012/09 === | |Illustrations==== 2012/09 === | ||
{{#ask: [[threat::Casier]][[month::2012-09]] | {{#ask: [[threat::Casier]][[month::2012-09]] |
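Review bot: The new Group value ends with a trailing comma ("Police lock, Ransomware,"), which leaves an empty element after Ransomware if the template splits this field on commas; drop the final comma unless a third group was meant to follow. The other parameters shown (BeginYear, EndYear, Illustrations) are identical on both sides of the diff.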
Revision as of 22:25, 30 July 2015
Casier | |
---|---|
Alias | Retacino, Karagny.L, Undefined-07 |
Group | Police lock, Ransomware |
Parent | |
Sibling | |
Family | |
Relations | Variants: Sibling of: |
Target | Microsoft Windows |
Origin | |
Distribution vector | |
UserAgent | Unknown |
CCProtocol | Unknown () |
Activity | 2012 / Unknown |
Status | Unknown |
Language | |
Programming language | |
Operation/Working group | |
Introduction
- Could be related to Goldenbaks
Samples of the Karagny.L (? MS) Dropper: MD5:
69e83126e526bda1edb44c802d9a1a6c 13d4fa60a9bd7c12c0020ec3031cdc8e f3b37ec88b279cb6f6a10df5104543c1 884f5d75b9ed1dcf9248a2378f82db72 1b0edaa16e19954f319088fbf5f67829 9a42acc44c3ab4435e3c160d8bcfaead 28/08/2012 df2dc152f63576fda0c1bcd846840d65 04/09/12 a4811501e920c5f39229dbbca41aa816 21/10/12
http:
logunasens10.in POST /image/9rs/price.php 64.62.146.82 lewinckybest50.in POST /image/vladiny/price.php HTTP/1.1 64.62.146.81 04/09/12 87.107.121.138 POST /price.php 21/10/12 - SubC&C