Difference between revisions of "CryptXXX"
Line 5: | Line 5: | ||
|Feature=Launch delay, Virtual machine detection, Monitor mouse events, Check CPU name in registry, Encrypt files, Data theft, | |Feature=Launch delay, Virtual machine detection, Monitor mouse events, Check CPU name in registry, Encrypt files, Data theft, | ||
|Checksum=3b6cdb0d03f07af774ea34a964a6e2fb6ce321d7adc487af0486f13e5aed0304, a4e9c151a50595b59e787dd3b361ac53d02dd7f212d6b22639dc01776c886d05, 565dadb36e1d8b0c787d0d5e4cd7ec8c24cac1d6b37637427547ae465ab0fff0, 0b12584302a5a72f467a08046814593ea505fa397785f1012ab973dd961a6c0e, | |Checksum=3b6cdb0d03f07af774ea34a964a6e2fb6ce321d7adc487af0486f13e5aed0304, a4e9c151a50595b59e787dd3b361ac53d02dd7f212d6b22639dc01776c886d05, 565dadb36e1d8b0c787d0d5e4cd7ec8c24cac1d6b37637427547ae465ab0fff0, 0b12584302a5a72f467a08046814593ea505fa397785f1012ab973dd961a6c0e, | ||
|String=CryptProjectXXX, Essai, | |||
|Programming language=Delphi, | |Programming language=Delphi, | ||
|BeginYear=2016 | |BeginYear=2016 | ||
|Group=Cryptolocker, | |Group=Cryptolocker, | ||
}} | }} |
Revision as of 22:20, 19 April 2016
CryptXXX | |
---|---|
Alias | |
Group | Cryptolocker |
Parent | |
Sibling | Reveton |
Family | |
Relations | Variants: Sibling of: |
Target | |
Origin | |
Distribution vector | Angler, Bedep |
UserAgent | |
CCProtocol | TCP/443 (Port) |
Activity | 2016 / |
Status | |
Language | |
Programming language | Delphi |
Operation/Working group | |
Introduction
Features
String(s): CryptProjectXXX, Essai
Associated images
Checksums / AV databases
- 3b6cdb0d03f07af774ea34a964a6e2fb6ce321d7adc487af0486f13e5aed0304 | Virustotal
- a4e9c151a50595b59e787dd3b361ac53d02dd7f212d6b22639dc01776c886d05 | Virustotal
- 565dadb36e1d8b0c787d0d5e4cd7ec8c24cac1d6b37637427547ae465ab0fff0 | Virustotal
- 0b12584302a5a72f467a08046814593ea505fa397785f1012ab973dd961a6c0e | Virustotal
Publications
Title | Author | Editor | Year |
---|---|---|---|
CryptXXX: new ransomware from the actors behind Reveton, dropping via Angler | Kafeine | Proofpoint | 2016 |