JS/Nemucod (Zippy ransomeware)

Forum for analysis and discussion about malware.
heart888
Posts: 19
Joined: Tue Mar 01, 2016 11:04 pm

Sun Mar 05, 2017 11:09 pm

https://www.virustotal.com/en/file/3199 ... /analysis/

nemucod /downloader /downloads ransomware

wxw.dpolecnaz.top/admin.php?=1.gif
You do not have the required permissions to view the files attached to this post.
ikolor
Posts: 328
Joined: Thu Jun 05, 2014 2:20 pm
Location: Poland

Fri Apr 07, 2017 5:28 pm

You do not have the required permissions to view the files attached to this post.
ikolor
Posts: 328
Joined: Thu Jun 05, 2014 2:20 pm
Location: Poland

Thu Apr 27, 2017 2:54 pm

You do not have the required permissions to view the files attached to this post.
heart888
Posts: 19
Joined: Tue Mar 01, 2016 11:04 pm

Fri Jul 21, 2017 5:12 am

You do not have the required permissions to view the files attached to this post.
Antelox
Posts: 266
Joined: Sun Mar 21, 2010 10:38 pm
Contact:

Fri Jul 21, 2017 10:55 am

This is NemucodAES ransomware, a multipurpose javascript malware capable of encrypting file (last variant uses AES128) as well as downloading other malware families (usually Kovter).

BR,

Antelox
markusg
Posts: 735
Joined: Mon Mar 15, 2010 2:53 pm

Mon Jul 31, 2017 3:15 pm

ransomware downloader
You do not have the required permissions to view the files attached to this post.
ikolor
Posts: 328
Joined: Thu Jun 05, 2014 2:20 pm
Location: Poland

Sat Aug 05, 2017 12:24 pm

You do not have the required permissions to view the files attached to this post.
Post Reply