Ransom.EY
Ransom.EY | |
---|---|
Alias | Ransomgerpo |
Group | Police lock, Ransomware |
Parent | |
Sibling | |
Family | |
Relations | Variants: Sibling of: |
Target | |
Origin | |
Distribution vector | |
UserAgent | |
CCProtocol | |
Activity | 2011 / 2013-02-13 |
Status | |
Language | |
Programming language | |
Operation/Working group |
Introduction
- Is not a silent Winlocker.
- The localization appears to be specific to the binary.
- One of its developers/administrators was reportedly arrested in Dubai following an investigation by the Spanish police.
md5 (most of them provided by Symantec) :
HTTP GET:
37.221.162.6 /i.php?a=866 20/11/12
Features
Associated images
Checksums / AV databases
Publications
Title | Author | Editor | Year |
---|---|---|---|
Trojan.Ransomgerpo criminal arrested | Symantec Security Response | Symantec | 2013 |