以下是2024年常见的勒索病毒后缀: .360、、mallox、rmallox、hmallox、kat6.l6st6r、DevicData-P-、id[XXXXXXXX-3455].[datarestore@cock.lu].Carver、id[XXXXXXXX-3475].[bkpsvr@firemail.cc].EKING、id[XXXXXXXX-3354].[metro777@cock.li].Elbie、backmydata@inbox.ru.、[XXXXXXXX].[datastore@cyberfear....
http://91.215.85.142:80/QWEwqdsvsf/ap.php 勒索软件服务器IP,关联样本主要涉及Mallox,GarrantDecrypt,Amadey恶意样本家族 4.恶意文件分析 4.1威胁分析 4.2加密前后对比 加密后 解密后 加密前 加密后 5.逆向分析 5.1选择性感染 与malloxx一样,rmallox也通过语言标识进行选择性感染。 LOWORD(v5)=GetUserDefaultLangI...
以下是2024年常见的勒索病毒后缀: .360、halo、mallox、rmallox、hmallox、kat6.l6st6r、DevicData-P-、id[XXXXXXXX-3455].[datarestore@cock.lu].Carver、id[XXXXXXXX-3475].[bkpsvr@firemail.cc].EKING、id[XXXXXXXX-3354].[metro777@cock.li].Elbie、backmydata@inbox.ru.、[XXXXXXXX].[datastore@cyberfe...
、[XXXXXXXX].[datastore@cyberfear.com].mkp、id[XXXXXXX-2939].[support2022@cock.li].faust、[XXXXXXXX].[henderson@cock.li].mkp、ma1x0、_locked、w、[Decrypt.tm@zohomail.eu] [XXXXXXXX]BlackBit、id[XXXXXXXX-3368].[thekeyishere@cock.li].Elbie、id[XXXXXXXX-3542].[nicetomeetyou@onionmail.org...
、[XXXXXXXX].[datastore@cyberfear.com].mkp、id[XXXXXXX-2939].[support2022@cock.li].faust、[XXXXXXXX].[henderson@cock.li].mkp、ma1x0、_locked、w、[Decrypt.tm@zohomail.eu] [XXXXXXXX]BlackBit、id[XXXXXXXX-3368].[thekeyishere@cock.li].Elbie、id[XXXXXXXX-3542].[nicetomeetyou@onionmail.org...
、[XXXXXXXX].[datastore@cyberfear.com].mkp、id[XXXXXXX-2939].[support2022@cock.li].faust、[XXXXXXXX].[henderson@cock.li].mkp、ma1x0、_locked、w、[Decrypt.tm@zohomail.eu] [XXXXXXXX]BlackBit、id[XXXXXXXX-3368].[thekeyishere@cock.li].Elbie、id[XXXXXXXX-3542].[nicetomeetyou@onionmail.org...