Rannoh
Jump to navigation
Jump to search
(Botnet) Link to the old Wiki page : [1] / Google search: [2]
Rannoh | |
---|---|
Alias | Trustezeb |
Group | Police lock |
Parent | |
Sibling | |
Family | |
Relations | Variants: Sibling of: |
Target | Microsoft Windows |
Origin | |
Distribution vector | |
UserAgent | Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.0; .NET CLR 1.0.2914) |
CCProtocol | HTTP (Centralized) |
Activity | 2012 / |
Status | |
Language | |
Programming language | |
Operation/Working group |
Introduction
Rançongiciel qui chiffre les fichiers du disque dur et les renommes sous la forme: “locked-<nom original>.<4 caractères aléatoire>”
MD5: c36c46f4de045ef332decc006694db6e MD5: 81ff324d2023d8ecb98a127b87d51450 MD5: 51b046256db58b603a27eba8dee05479 2013-01-18
C&C Call
manualvilvotakano .com/una2/SF6344-GWXS-WEQOZ6.php?ltype=lk&id=[REDACTED]&ver=02.063&win=Windows_7_(64_bit)&loc=0x0409&cmd=pcc 2013-01-18 manualvilvotakano .com/una2/SF6344-GWXS-WEQOZ6.php?ltype=lk&id=[REDACTED]&ver=02.063&win=Windows_7_(64_bit)&loc=0x0409&cmd=msg 2013-01-18