Overview

AvosLocker is a ransomware-as-a-service (RaaS) operation that targets ESXi.

MalwareBazaar Intelligence Data

Hash Samples (First 50)

SHA256  MD5  First Seen  Type  Size
5324de7cceaedc764c93... 2a56d7d69cb629f9... 2023-11-02 rar 31.161.899
bff12a83b1fc2e0ad000... 19944159dfa94a1b... 2023-01-24 exe 826.880
0b1f19ba8740b10ed017... b27f0f2826bacd32... 2022-12-18 exe 826.880
0f22ae8e435cfeb4e527... f091b9085d35e619... 2022-10-14 exe 826.880
5d6e4bd7bd7239fab20e... 1a23dd405a1bd4e4... 2022-10-04 exe 826.880
f8e99bbacc62b0f72aa1... 8da384b2427b8397... 2022-09-18 exe 826.880
0d094770db65ec637489... 2163c068a10608bb... 2022-04-20 exe 826.880
e9a7b43acdddc3d21019... afed45cd85a191fe... 2022-03-25 elf 1.619.392
cdca6936b880ab4559d3... a39b4bea47c4d123... 2022-03-25 elf 1.615.200
d7112a1e1c68c366c05b... aa3b3e182ee1bcb4... 2022-03-20 elf 1.620.064
10ab76cd6d6b50d26fde... f659d1d15d2e0f3b... 2022-01-18 elf 1.619.392
7c935dcd672c4854495f... e09183041930f37a... 2022-01-18 elf 1.619.392
0cd7b6ea8857ce827180... d3cafcd46dea26c3... 2022-01-18 elf 1.619.392
f810deb1ba171cea5b59... 27fc2796210dc3bf... 2021-12-24 exe 943.104
c0a42741eef72991d9d0... 825d6049ba8600ee... 2021-12-24 exe 941.120
84d94c032543e8797a51... 377676b06b8a28e6... 2021-12-24 exe 943.104
6cc510a772d7718c9521... 40f2238875fcbd2a... 2021-12-24 exe 941.056
718810b8eeb682fc70df... b76d1d3d2d403665... 2021-10-05 exe 943.104
bd88d415032eb24091c3... 044cdd8c2257effb... 2021-09-07 exe 941.056
fb544e1f74ce02937c3a... 76e177a94834b3f7... 2021-07-23 exe 412.160
43b7a60c0ef8b4af001f... d285f1366d0d4fda... 2021-07-23 exe 412.160

IOC Summary

  • This analysis covers 21 unique AvosLocker samples.
  • A total of 42 hash IOCs were recorded.
  • Campaign activity: observed between 2021-07-23 and 2023-11-02.

AvosLocker — Malware Profile

AvosLocker RaaS. CryptoPP AES-NI SIMD + ECDH. FBI/CISA advisory. US critical infrastructure.

Malware Type: Ransomware
Programming Language: C++
C2 Protocol:
Target Systems: Windows/Linux

Capabilities & Behavior

File Encryption (AES/RSA)
Shadow Copy Deletion
Backup Removal
Ransom Note Creation
Persistence
Network Share Encryption
Anti-Analysis Techniques
Double Extortion (Data Leak)

IOC List (84 indicators)

IOC — AvosLocker
Tags
bulkioc, malwarebazaar, ransomware, avoslocker