CryptXXX

From Botnets.fr

Jump to navigation Jump to search

The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

(Botnet) Link to the old Wiki page : [1] / Google search: [2]

CryptXXX
Alias
Group	Cryptolocker
Parent
Sibling	Reveton
Family
Relations	Variants: Sibling of: Parent of: Distribution of: Campaigns:
Target
Origin
Distribution vector	Angler, Bedep
UserAgent
CCProtocol	TCP/443 (Port)
Activity	2016 /
Status
Language
Programming language	Delphi
Operation/Working group

Introduction

Features

Launch delay

Virtual machine detection

Monitor mouse events

Check CPU name in registry

Encrypt files

Data theft

String(s): CryptProjectXXX

Associated images

Checksums / AV databases

3b6cdb0d03f07af774ea34a964a6e2fb6ce321d7adc487af0486f13e5aed0304 | Virustotal

a4e9c151a50595b59e787dd3b361ac53d02dd7f212d6b22639dc01776c886d05 | Virustotal

565dadb36e1d8b0c787d0d5e4cd7ec8c24cac1d6b37637427547ae465ab0fff0 | Virustotal

0b12584302a5a72f467a08046814593ea505fa397785f1012ab973dd961a6c0e | Virustotal

Publications

	Author	Editor	Year
CryptXXX: new ransomware from the actors behind Reveton, dropping via Angler	Kafeine	Proofpoint	2016

Retrieved from "https://www.botnets.fr/index.php?title=CryptXXX&oldid=13287"

Botnets