Michael Gillespie
@demonslay335
Loves cats, bunnies, and coding. #Ransomware Hunter. Creator of the service ID Ransomware. Views expressed are my own.
ID:2440832552
https://id-ransomware.malwarehunterteam.com 13-04-2014 01:32:52
We are happy to announce that we are now featured as an alternative source on id-ransomware.
If you can't find a match using them, we will be listed as an alternative source. Thank you MalwareHunterTeam for providing us with the opportunity to further help people in need!
🔒CryptoTester v1.7.1.0 for #Ransomware Analysis 🔍
Explicit PKCS #1 vs #8 key exports, Key Finder finds new formats, new encrypt algorithms, endianness flipping (byte/int32/int64), generate ECC keys, new derives (including Tiny-ECDH support), bugfixes.
github.com/Demonslay335/C…
🔒CryptoTester v1.7.0.0 for #Ransomware Analysis 🔍
Key Finder rewrite, new hashes, derive funcs, algorithms, padding modes, swap Hash and Derive process order, AES-CTR-LE, Encoding Param for RSA... another colossal update to read the changelog on. 😅
github.com/Demonslay335/C…
Here is an excellent writeup written by Claire Levin about an older vulnerable ransomware family called Jaff: clairelevin.github.io/malware/2023/0…. She is looking for a summer internship, by the way. So if you like what you read and have any opportunities open, make sure to reach out!
New #MafiaWare666 #ransomware #decryption tool is now available! The tool and instructions on how to use it are on #AvastDecoded : decoded.avast.io/threatresearch… #DontPayUp
Check out my analysis of #LockBit #ransomware v2.0 where I analyze all of its functionalities in IDA!
chuongdong.com/reverse%20engi…
h/t to Will for the CTI and Michael Gillespie for helping with the crypto!
Stop/Djvu Ransomware (0411); Extension: .fopa; Ransom note: _readme.txt virustotal.com/gui/file/e684b… Karsten Hahn Michael Gillespie Amigo-A Lawrence Abrams Jakub Kroustek
Stop/Djvu Ransomware (0412); Extension: .qbaa; Ransom note: _readme.txt virustotal.com/gui/file/8ed6a… Karsten Hahn Michael Gillespie Amigo-A Lawrence Abrams Jakub Kroustek
Stop/Djvu Ransomware (0414); Extension: .vtym; Ransom note: _readme.txt virustotal.com/gui/file/440f3… Karsten Hahn Michael Gillespie Amigo-A Lawrence Abrams Jakub Kroustek
Stop/Djvu Ransomware (0415); Extension: .kqgs; Ransom note: _readme.txt virustotal.com/gui/file/fc6c6… Karsten Hahn Michael Gillespie Amigo-A Lawrence Abrams Jakub Kroustek
Stop/Djvu Ransomware (0418); Extension: .bpqd; Ransom note: _readme.txt virustotal.com/gui/file/a6858… Karsten Hahn Michael Gillespie Amigo-A Lawrence Abrams Jakub Kroustek
Stop/Djvu Ransomware (0417); Extension: .xcbg; Ransom note: _readme.txt virustotal.com/gui/file/6ce97… Karsten Hahn Michael Gillespie Amigo-A Lawrence Abrams Jakub Kroustek
'Acepy Ransomware' sample: d58379e5e6da8c6a53b39710814563d9c99d011e7a672d16d6e9a520516ee676
Michael Gillespie
Stop/Djvu Ransomware (0419); Extension: .vlff; Ransom note: _readme.txt virustotal.com/gui/file/80b21… Karsten Hahn Michael Gillespie Amigo-A Lawrence Abrams Jakub Kroustek
.chernobyl extension. Babuk ransomware family. Sample: virustotal.com/gui/file/049e5… Jakub Kroustek Amigo-A Lawrence Abrams Michael Gillespie
Stop/Djvu Ransomware (0407); Extension: .fgnh; Ransom note: _readme.txt virustotal.com/gui/file/d892b… Karsten Hahn Michael Gillespie Amigo-A Lawrence Abrams Jakub Kroustek