What is an ENCRYPT file?
-
Hello. I found a file called ENCRYPT on my computer and I'm not sure what it is. I would appreciate it if you could tell me.
-
An ENCRYPT file is an Alpha encrypted file. It appears to be a file distributed by Alpha. It was first reported on 2017-10-20 05:29:41 and last reported on 2017-10-20 05:29:41.
-
You can open the ENCRYPT file by downloading the Alpha program.
-
Alpha ransomware encrypted file -
Read Me (How Decrypt) !!!! (TXT)
-
Related link #1: No link attached.
-
Related link #2: No link attached.
-
[2021-07-01 19:49:28] @ffforward 13.82.24.228 on @Azure has been used as #WarzoneRAT #AveMaria C2 for at least 12 days. Latest one from encrypted 7z > https://bazaar.abuse.ch/sample/8a1ceb6687babe6ab82a38ca344d1092a7fc9bd6dbaf3420a3311c50131928ef/ https://tria.ge/210701-nsawm3mcgn https://twitter.com/MBThreatIntel/status/1408064073963429900 https://twitter.com/ffforward/status/1410581320812556290/photo/1
-
[2021-06-28 17:45:02] @HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 45 VirusTotal: https://www.virustotal.com/gui/file/b65a61d71b8f8a20aaf335c20a8e4a75a9184c21b08a240eae1b436df42a79c5/detection/f-b65a61d71b8f8a20aaf335c20a8e4a75a9184c21b08a240eae1b436df42a79c5-1624281918 Threat: http://WannaCry.Ransom.Encrypt.DDS (Malwarebytes)
-
[2021-06-28 03:00:54] @ffforward (Thread) Very well executed unidentified campaign from friday. #covid19 #vaccine malspam from /cov19inf.com on @bacloud. with SPF and DKIM. Attached encrypted xlsm with unique(?) password with macro on close that drops 6KB dll loader that downloads 7MB EXE. C2 /usergtarca.com https://twitter.com/ffforward/status/1409240342533181442/photo/1
-
[2021-06-20 13:18:37] @xorhex #MustangPanda #PlugX variant Encrypted: https://www.virustotal.com/gui/file/0246bae3d010d2add808ecc97d8bf8b68f20301bd99f5cef85503894e3ad75cc/detection Decryption Key: 6f 41 68 53 4f 70 69 6b 56 6d Config: 185.239.226.17:965 185.239.226.17:110 103.200.97.189:965 103.200.97.189:110 https://twitter.com/xorhex/status/1406496693735067650/photo/1
-
[2021-05-26 15:10:04] @fbgwls245 #Ransom #ScreenLocker 620E4ECC23C7DC1A608031760107F1A5 "C:\Users\TEST\Desktop" (Extension No Change) Only this folder is encrypted. Unlock Code: unlock c:\Users\Montaser\Documents\Visual Studio 2012\Projects\RansomeWare\RansomeWare\obj\Debug\RansomeWare.pdb https://twitter.com/fbgwls245/status/1397465040991576064/photo/1
-
[2021-05-21 01:07:18] @dubstard @BalancerLabs ⚠ /balancer-exchange.com ☣ AS47583 81.16.28.85 @hostingconcepts @openprovider @openprovider_nl @HostingerCOM @letsencrypt @CryptoPhishing @CryptoScamDB @JAMESWT_MHT @PhishFort @phishunt_io @sniko @nullcookies @Spam404 @fcmartinelli #phishing https://twitter.com/dubstard/status/1395441012730994689/photo/1
-
[2021-05-21 00:32:55] @dubstard @WalletConnect ⚠ /walletconnectweb.online ☣ AS47583 81.16.28.85 @HostingerCOM @HostingerCOM @letsencrypt @ActorExpose @CryptoPhishing @CryptoScamDB @JAMESWT_MHT @JCyberSec_ @PhishFort @phishunt_io @sniko_ @nullcookies @Spam404 #phishing https://twitter.com/dubstard/status/1395432361358209029/photo/1
-
[2021-05-15 11:13:54] @fbgwls245 @siri_urz @Kangxiaopao @Amigo_A_ @demonslay335 .iam_watching #Ransomware 4B1F9FE113D148FF8010D1FAE56E4758 C:\Safe_Rebuild_v2\Safe_Rebuild_v2\Safe_Rebuild_v2\EncrypterPOC-main\EncrypterPOC-main\WindowsFormsApp1\obj\Debug\WindowsFormsApp1.pdb https://twitter.com/fbgwls245/status/1393419344470704128/photo/1
-
[2021-05-08 01:16:56] @michalmalik https://www.virustotal.com/gui/file/d5fc1d8567253f9bb03c9d4b809463c6f305711ade4c8cf619fb3ba32b3abc79/detection < Looks like a new Masuta variant called "Rimasuta" (based on Mirai). uses TEA to decrypt/encrypt strings with a message for @briankrebs "come at me krebs rimasuta go BRRT" ;-) https://twitter.com/michalmalik/status/1390732396274884610/photo/1
-
[2021-05-06 17:57:51] @fbgwls245 A41528AC976373F58A96F3185C48CE61 "Disco Ransomware" There is no encryption C:\Users\User\source\repos\DiscoRansomware\DiscoRansomware\obj\Debug\DiscoRansomware.pdb https://twitter.com/fbgwls245/status/1390259508715290624/photo/1
-
[2021-05-05 21:42:05] @QuoIntelligence @ESETresearch Document delivered via an encrypted RAR: rheinmetall_job_requirements.rar - 26959c486fa1907a73bf96045af46bc8db3b50052e4cf44df5418999708e6e52 https://www.virustotal.com/gui/file/26959c486fa1907a73bf96045af46bc8db3b50052e4cf44df5418999708e6e52
-
[2021-04-19 00:45:42] @Arkbird_SOLG Not SideWinder that #APT36 with the operation SideCopy. that the similar copycat of .NET malware founded and the analysed in the past. Same TTPs and focus recon information (system.network ..). can execute a shell for commands. encrypt/decrypt with RC4. https://twitter.com/cyber__sloth/status/1383394061965348867 https://twitter.com/Arkbird_SOLG/status/1383839165440094210/photo/1
-
[2021-04-19 00:16:14] @GrujaRS Sample. #SunCrypt #Ransomware! Ransom note;YOUR_FILES_ARE_ENCRYPTED.HTML https://www.virustotal.com/gui/file/ca5751036a12d0a9fba5f2c6cd2bde61b9c40e1607f751c39212b9c9a94c6b5a/detection https://twitter.com/GrujaRS/status/1383831753136119818/photo/1
-
[2021-04-14 12:49:28] @dubstard Fake @Uniswap ⚠ /uniswap-v3.org ☣ AS51167 144.91.76.234 Namecheap Contabo letsencrypt @ActorExpose @B0R444 @BSI_Bund @CryptoPhishing @CryptoScamDB @haydenzadams @JAMESWT_MHT @JCyberSec_ @PhishFort @phishunt_io @sniko_ @tehnlulz @nullcookies @Spam404 https://twitter.com/dubstard/status/1382209369304088577/photo/1
-
[2021-04-13 14:29:18] @dubstard @Uniswap ⚠ /v2-uniswap.io ☣ AS20473 158.247.216.196 @Namecheap AS-CHOOPA @letsencrypt h/t @bunnymaid @ActorExpose @CryptoPhishing @CryptoScamDB @JAMESWT_MHT @JCyberSec_ @PhishFort @phishunt_io @sniko_ @tehnlulz @nullcookies @Spam404 @KrCERT https://twitter.com/dubstard/status/1381872106120613888/photo/1
-
[2021-04-12 22:58:45] @xorhex Pivoting off of https://www.virustotal.com/gui/file/0459e62c5444896d5be404c559c834ba455fa5cae1689c70fc8c61bc15468681/relations (used by a number of samples tied to #RedDelta / #MustangPanda) Leads to https://www.virustotal.com/gui/file/93d33626886e97abf4087f5445b2a02738ea21d8624b3f015625cd646e9d986e/detection Upon extraction. contains an encrypted #RedDelta #PlugX sample: https://www.virustotal.com/gui/file/e4c94cc2e53beb61184f587936ee8134e3ed81872d6ee763cac20557a5f1077c/detection 74668e84ee38695216ef737f389dc55c rainydaysweb.com https://twitter.com/xorhex/status/1381637924308025347/photo/1
-
[2021-04-12 22:15:18] @andpalmier http://sicurezza-dati-protezione.000webhostapp.com @000webhost_com ☢️ AS204915 https://urlscan.io/result/25d7cd60-3ede-476f-820f-4a9025ce5a1d/ http://networkltapp.com @hostingconcepts @letsencrypt ☢️ 109.106.246.72 (AS47583) https://urlscan.io/result/a98df283-d049-4ef9-ab1f-28c771b4a579/
-
[2021-04-12 08:56:47] @papa_anniekey The communication destination for this one is in Japan. hxxp://13.114.247.134/winhace/*.exe Look at the Analysis of "BILL - APRIL KYC.xlsx" with malicious activity. https://app.any.run/tasks/499bc553-3b4c-4bcf-9444-7c48412f0afa #encrypted #exploit #CVE201711882 #loader @anyrun_app https://twitter.com/papa_anniekey/status/1381426038832439296/photo/1
-
[2021-04-07 22:47:36] @AvastThreatLabs New #Ursnif found: version 250. build 188. Now with AES encryption and RSA-1024 key https://www.virustotal.com/gui/file/796a4fbce5bcd184be7d05348f9a0a1d71468495dc690a7048421f108242e08f/detection
-
[2021-04-05 15:32:30] @dubstard @Uniswap ⚠ /uniswap.xeth2.org ☣ AS29066 78.138.96.3 @Endurance_Group #PublicDomainRegistry @velia_net @Letsencrypt @CryptoPhishing @CryptoScamDB @JAMESWT_MHT @JCyberSec_ @PhishStats @PhishFort @phishunt_io @sniko_ @tehnlulz @nullcookies @Spam404 #phishing https://twitter.com/dubstard/status/1378988905505120256/photo/1
-
[2021-04-04 11:57:40] @dubstard @Uniswap ⚠ /app.uniswap.org-holders-airdrop.com ☣ AS19318 162.250.122.147 @namesilo @interserver @Letsencrypt h/t @bunnymaid cc @ActorExpose @CryptoPhishing @CryptoScamDB @JAMESWT_MHT @JCyberSec_ @phishunt_io @PhishFindR @PhishFeed @PhishFort @sniko_ https://twitter.com/dubstard/status/1378572453870456832/photo/1
-
[2021-04-01 22:33:31] @andpalmier http://portale-info.com @internetbs @letsencrypt ☢️ 82.221.105.125 (AS44515) https://urlscan.io/result/b07380a4-362f-4f6a-88e8-3eb370f62f88/ https://mail.register-app-sicurezza.com/index.html @NameCheap @SectigoHQ ☢️ 199.188.205.43 (AS22612) https://urlscan.io/result/57c52e1d-1166-48e8-b49b-85919677da71/
-
[2021-04-01 22:33:31] @andpalmier https://app-aggiorna.com/info/index.html @NameCheap @SectigoHQ ☢️ 199.188.201.216 (AS22612) https://urlscan.io/result/9f24821c-cd48-4f75-89fe-f2d298d84b30/ https://accesso.portale.clienti.corlutvservisi.com @realtime_reg @letsencrypt ☢️ 78.142.208.52 (AS209853) https://urlscan.io/result/ec5b18aa-8ae3-4455-89f4-5d8b46c42828/
-
[2021-04-01 22:33:31] @andpalmier http://accesso.portale.clienti.callcenter.britishonline.co @GoDaddyHelp @letsencrypt ☢️ 162.214.20.225 https://urlscan.io/result/6075e8e9-a35e-4912-9b5b-942ebe0eaba9/ http://posteitali.temp.swtest.ru/PosteItaliene/Seleccione_medio_de_pago.php #SpaceWeb ☢️ 77.222.40.109 https://urlscan.io/result/0fcec4e7-473b-4bb6-af9a-bc6b94147a8f/
-
[2021-03-29 21:07:32] @rufusmbrown Undetected #BEACON loader on VT.. https://www.virustotal.com/gui/file/64f6a67a9bfd15f1f363fd13996b530b55fa50bdb63669b90800391095f1c262/detection - Exports: StartW - Decrypts and loads RC4 encrypted resource section (HTTPS stager) - JQuery Malleable C2 profile - C2: shopforenz.com https://twitter.com/rufusmbrown/status/1376536507545161732/photo/1
-
[2021-03-29 04:43:38] @3XS0 #Hiddentear #Ransomware extension .Encrypted Sample https://www.virustotal.com/gui/file/30d595247375a638bb26f8236cc179af2e9b8ea5efe7a345183c2c7b43450bdf/detection https://twitter.com/3XS0/status/1376288901334237186/photo/1
-
[2021-03-28 17:10:12] @dubstard Fake @binance "giveaway" #scam ⚠ /eventdrop.club ☣ AS14061 206.189.58.26 @tucows @digitalocean @Letsencrypt Scam wallet 3CVSbifH27GZVVBRyMcUoyU2SRdYGZ2vq9 0x555127cCE1e723Ad844e1Af848009475c2F23bB6 cc @ActorExpose @CryptoPhishing @CryptoScamDB @sniko_ https://twitter.com/dubstard/status/1376114392719364098/photo/1
-
[2021-03-28 16:06:35] @3XS0 #Hiddentear #Ransomware extension .Encrypted Sample https://www.virustotal.com/gui/file/30d595247375a638bb26f8236cc179af2e9b8ea5efe7a345183c2c7b43450bdf/detection https://twitter.com/3XS0/status/1376098382100492296/photo/1
-
[2021-03-27 22:38:21] @andpalmier And that is all! Here you can find the details of the kit: https://www.accesso.portale.clienti.callcenter.britishonline.co @GoDaddyHelp @letsencrypt ☢️ 162.214.20.225 (AS46606) https://urlscan.io/result/3a5e3a9d-0ad8-4947-ba7f-40e0d4fdf845/
-
[2021-03-27 00:22:12] @andpalmier https://accesso.portale.clienti.callcenter.britishonline.co @GoDaddyHelp @letsencrypt ☢️ 162.214.20.225 (AS46606) https://urlscan.io/result/ea792cb0-1a28-4977-a7b2-2ed2fb54d418/ http://montepaschigruppo.org #PublicDomainRegistry @cpanel ☢️ 104.248.81.80 (AS14061) https://urlscan.io/result/a56ed3cc-0cb4-4191-9c92-19d11d507235/
-
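For matters involving voice phishing, illegally filmed material, ransomware, cyber security threats and the like, you can get help from the following agencies and organizations: No More Ransom, the National Police Agency Cyber Crime Reporting System, and the National Intelligence Service Civil Complaints Center.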