Geeks for your information Security Security Vendors CheckMAL CheckMAL Videos
AstraLocker v2.0 Ransomware (.AstraLocker)
AstraLocker v2.0 Ransomware (.AstraLocker)
jasonX Offline
Administrator
*******
Posts: 1,912
Threads: 488
Thanks Received: 6,827 in 1,890 posts
Thanks Given: 1,576
Joined: 14 August 18
#1
27 January 25, 09:19 (This post was last modified: 27 January 25, 09:20 by jasonX.)
AstraLocker v2.0 Ransomware (.AstraLocker) (2025. 01. 18. 434)
 
AppCheck Anti-Ransomware : AstraLocker v2.0 Ransomware (.AstraLocker) Block Video


Distribution Method : Unknown
 
MD5 : 8db7d5fb5cbdfc0731978261639f01a6
 
Major Detection Name : Ransom:Win32/Babuk.MAK!MTB (Microsoft), Ransom.Win32.BABUK.SMRD1 (Trend Micro)
 
Encrypted File Pattern : .AstraLocker
 
Payment Instruction File : Recover_Your_Files.html
 
Major Characteristics :
 
  • Offline Encryption
  • Babuk Locker / ChiChi Locker / DARKY LOCK / Delta Plus / Pandora / RA Group / Rook Ransomware series
  • Recovery Partition (M:\) + EFI System Partition (N:\) drives are activate.
  • Block processes execution (excel.exe, firefox.exe, oracle.exe, sql.exe, synctime.exe, thebat.exe etc.)
  • Stop multi services (backup, DefWatch, GxFWD, QBFCService, sophos, veeam etc.)
  • Disable system restore (vssadmin.exe delete shadows /all /quiet)




More Info HERE

Content lifted from CheckMAL site with permission
[-] The following 1 user says Thank You to jasonX for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
QOwnNotes
25.9.0 The Next...Kool — 10:33
Ashampoo® Folder Styler : Give Your Fold...
Ashampoo® Folder St...jasonX — 10:30
Ashampoo® Folder Styler
Ashampoo® Folder St...jasonX — 10:28
Windows 11 25H2 won't have any new featu...
Microsoft has conf...harlan4096 — 09:35
How to avoid becoming a money mule
This article expla...harlan4096 — 11:58

[-]
Birthdays
Today's Birthdays
avatar (39)Margieweimi
avatar (39)Larondabet
avatar ()tradedeer1
Upcoming Birthdays
avatar (38)fapedDow
avatar (48)pohudidere
avatar (40)obudyg
avatar (48)rarinsWax
avatar (25)DianaBrown
avatar (35)emyzowa
avatar (46)JustinPrede
avatar (38)eqiduseb
avatar (44)fedosmiday
avatar (41)brechTiz
avatar (47)schedZoorb
avatar (41)bgreorasjunior4824
avatar (45)ThomasLYDAY
avatar (40)upakoExapy
avatar (50)diplomasync
avatar (49)Myronjax
avatar (49)skepwHug
avatar (38)RicardoGoase
avatar (41)JaniceArods
avatar (42)Brianven
avatar (31)I3rYcE
avatar (42)Edwardgef
avatar (43)Denpokhew
avatar (35)azidony
avatar (40)maskbSleew

[-]
Online Staff
There are no staff members currently online.

>