Toot

Written by abuse.ch :verified: on 2024-12-16 at 16:39

Can someone label this #Ransomware family? Spread through malspam with a VBS attachment 🔍👀

Ransom note: Decryptfiles.txt 🔐

Email: edfr789@tutanota.com / edfr789@tutamail.com 📧

VBS:

📄 https://bazaar.abuse.ch/sample/f7cbe1d0926c6e0895951882ff430d624630cd14b4d3b1a4c837a3feac71dd48/

Payload (exe):

⚙️ https://bazaar.abuse.ch/sample/d2100ffe58eb50c05d97a3da738ccd1f0be9672c057c26a10140af80595b78c3/

Payload (dll):

🖱️ https://bazaar.abuse.ch/sample/4b4a87552c44158fb53a72c7294319b0ddde9f99f460425ad5997d3b9121cd1e/

Decoy PDF ⤵️⤵️⤵️⤵️

Original URL
gemini://mastogem.picasoft.net/toot/113663485332913450