AstraLocker v2.0 Ransomware (.AstraLocker)
AstraLocker v2.0 Ransomware (.AstraLocker) (2025. 01. 18. 434)
 
AppCheck Anti-Ransomware : AstraLocker v2.0 Ransomware (.AstraLocker) Block Video


Distribution Method : Unknown
 
MD5 : 8db7d5fb5cbdfc0731978261639f01a6
 
Major Detection Name : Ransom:Win32/Babuk.MAK!MTB (Microsoft), Ransom.Win32.BABUK.SMRD1 (Trend Micro)
 
Encrypted File Pattern : .AstraLocker
 
Payment Instruction File : Recover_Your_Files.html
 
Major Characteristics :
 
  • Offline Encryption
  • Babuk Locker / ChiChi Locker / DARKY LOCK / Delta Plus / Pandora / RA Group / Rook Ransomware series
  • Recovery Partition (M:\) + EFI System Partition (N:\) drives are activated.
  • Blocks process execution (excel.exe, firefox.exe, oracle.exe, sql.exe, synctime.exe, thebat.exe etc.)
  • Stops multiple services (backup, DefWatch, GxFWD, QBFCService, sophos, veeam etc.)
  • Disable system restore (vssadmin.exe delete shadows /all /quiet)




More Info HERE

Content lifted from CheckMAL site with permission
[-] The following 1 user says Thank You to jasonX for this post:
  • harlan4096
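
A host-triage sketch built from the indicators listed in the post (the .AstraLocker extension, the Recover_Your_Files.html note and the vssadmin shadow-copy deletion command). It is an added example, not part of the original post or CheckMAL's material. The event tuple layout, host names, threshold and severity labels are assumptions, and the sample events are constructed.

```python
import re
from collections import defaultdict

# Indicators from the post; tuple schema and threshold are assumptions.
SHADOW_DELETE = re.compile(r'vssadmin(\.exe)?"?\s+delete\s+shadows\s+/all\s+/quiet', re.I)
ENCRYPTED_EXT, RANSOM_NOTE = ".astralocker", "recover_your_files.html"
RENAME_THRESHOLD = 3  # hypothetical: renamed files per host before escalating

# Constructed sample events: (host, event type, command line or file path).
SAMPLE_EVENTS = [
    ("ws01", "process", r"C:\Windows\System32\vssadmin.exe delete shadows /all /quiet"),
    ("ws01", "file", r"C:\Users\a\Documents\q1.xlsx.AstraLocker"),
    ("ws01", "file", r"C:\Users\a\Documents\plan.docx.AstraLocker"),
    ("ws01", "file", r"C:\Users\a\Pictures\site.png.AstraLocker"),
    ("ws01", "file", r"C:\Users\a\Documents\Recover_Your_Files.html"),
    ("ws02", "process", "vssadmin list shadows"),
    ("ws03", "file", r"D:\share\Recover_Your_Files.html"),
    ("ws04", "process", "vssadmin delete shadows /all /quiet"),
]

def classify(event_type, value):
    """Return the name of the indicator an event matches, or None."""
    if event_type == "process" and SHADOW_DELETE.search(value):
        return "shadow_delete"
    if event_type == "file":
        name = value.replace("/", "\\").rsplit("\\", 1)[-1].lower()
        if name == RANSOM_NOTE:
            return "ransom_note"
        if name.endswith(ENCRYPTED_EXT):
            return "encrypted_file"
    return None

def triage(events):
    """Count indicator hits per host and map the combination to a severity."""
    hits = defaultdict(lambda: defaultdict(int))
    for host, event_type, value in events:
        kind = classify(event_type, value)
        if kind:
            hits[host][kind] += 1
    report = {}
    for host, kinds in hits.items():
        encrypting = kinds["encrypted_file"] >= RENAME_THRESHOLD or kinds["ransom_note"] > 0
        if encrypting and kinds["shadow_delete"]:
            report[host] = "critical"  # encryption evidence plus backup removal
        elif encrypting:
            report[host] = "high"
        else:
            report[host] = "review"  # shadow deletion alone can be admin activity
    return report
```

Calling `triage(SAMPLE_EVENTS)` rates ws01 critical, ws03 high and ws04 review; ws02 only listed shadow copies and is not reported.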