Geeks for your information Security Security Vendors CheckMAL CheckMAL Videos
AstraLocker v2.0 Ransomware (.AstraLocker)
AstraLocker v2.0 Ransomware (.AstraLocker)
jasonX Offline
Administrator
*******
Posts: 1,754
Threads: 441
Thanks Received: 6,607 in 1,738 posts
Thanks Given: 1,377
Joined: 14 August 18
#1
27 January 25, 09:19 (This post was last modified: 27 January 25, 09:20 by jasonX.)
AstraLocker v2.0 Ransomware (.AstraLocker) (2025. 01. 18. 434)
 
AppCheck Anti-Ransomware : AstraLocker v2.0 Ransomware (.AstraLocker) Block Video


Distribution Method : Unknown
 
MD5 : 8db7d5fb5cbdfc0731978261639f01a6
 
Major Detection Name : Ransom:Win32/Babuk.MAK!MTB (Microsoft), Ransom.Win32.BABUK.SMRD1 (Trend Micro)
 
Encrypted File Pattern : .AstraLocker
 
Payment Instruction File : Recover_Your_Files.html
 
Major Characteristics :
 
  • Offline Encryption
  • Babuk Locker / ChiChi Locker / DARKY LOCK / Delta Plus / Pandora / RA Group / Rook Ransomware series
  • Recovery Partition (M:\) + EFI System Partition (N:\) drives are activate.
  • Block processes execution (excel.exe, firefox.exe, oracle.exe, sql.exe, synctime.exe, thebat.exe etc.)
  • Stop multi services (backup, DefWatch, GxFWD, QBFCService, sophos, veeam etc.)
  • Disable system restore (vssadmin.exe delete shadows /all /quiet)




More Info HERE

Content lifted from CheckMAL site with permission
[-] The following 1 user says Thank You to jasonX for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
That weird CAPTCHA could be a malware t...
I hate captchas. One...akiratoriyama — 08:01
Audacity 3.0.5
Audacity 3.7.3 ...Kool — 15:17
That weird CAPTCHA could be a malware tr...
Follow the 'I'm no...harlan4096 — 12:26
RogueKiller 16.1.1
V16.1.1 03/11/2025...harlan4096 — 12:21
Hasleo Backup Suite 5.2
Hasleo Backup Suit...harlan4096 — 12:20

[-]
Birthdays
Today's Birthdays
avatar (50)tersfargum
avatar (49)alfreExept
Upcoming Birthdays
avatar (43)gapedDow
avatar (37)snorydar
avatar (42)Hectorvot
avatar (50)knowhanPluts
avatar (38)Williamengiz
avatar (45)qaqapeti
avatar (43)battsourIonix
avatar (42)CedricSek
avatar (38)chasRex
avatar (32)uteluxix
avatar (46)piafcflene
avatar (38)Matthewkah
avatar (37)Charlesfibre
avatar (37)francisnj3
avatar (42)artmaGoork

[-]
Online Staff
zevish's profile zevish

>