Jump to content

bhc

Member
  • Posts

    1
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Vector: Possibly email, looks to be like Craigslist though. Files renamed to .merry, also included in each directory/subdir the file merry_i_love_you_bruce.hta which displays the ransom ID. New email seems to be [email protected] Hybrid Analysis: https://www.hybrid-analysis.com/sample/28bda4bf96841c5734fc1dc9f7fe76724488a79cf177d3992c03eb88b8fdf36f?environmentId=100 Attached is the infection file. Current MCR tool doesn't seem to work on this variant, so hopefully this helps. In case your AV blocks it, encrypted 7z password is 123 . Chrome_Font.exe Chrome_Font_pass123.7z
×
×
  • Create New...