LooCipher Ransomware: Can Encrypted Files Be Recovered? | FortiGuard Labs
Tags
attack-pattern: Data Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Brute Force - T1110 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID e0033903-3fc1-40fd-9b28-02b0ce8fe1d0
Fingerprint b4f1985124049705
Analysis status DONE
Considered CTI value 0
Text language
Published July 10, 2019, midnight
Added to db Sept. 26, 2022, 9:31 a.m.
Last updated Dec. 19, 2024, 12:09 a.m.
Headline LooCipher Ransomware: Can Encrypted Files Be Recovered?
Title LooCipher Ransomware: Can Encrypted Files Be Recovered? | FortiGuard Labs
Detected Hints/Tags/Attributes 46/1/12
Source URLs
Redirection Url
Details Source https://www.fortinet.com/blog/threat-research/loocipher-can-encrypted-files-be-recovered.html
URL Provider
Details Provider Source level domain
Details fortinet.com www.fortinet.com
Attributes
Details Type #Events CTI Value
Details Domain 3 
hcwyo5rfapkytajg.onion.pet
Details Domain 3 
hcwyo5rfapkytajg.onion.sh
Details Domain 3 
hcwyo5rfapkytajg.onion.ws
Details Domain 3 
hcwyo5rfapkytajg.tor2web.xyz
Details File 15 
k.php
Details md5 1 
69604607186414680318386143262470
Details sha256 3 
924cc338d5d03f8914fe54f184596415563c4172679a950245ac94c80c023c7d
Details Url 1 
https://hcwyo5rfapkytajg.onion.pet
Details Url 1 
https://hcwyo5rfapkytajg.darknet.t
Details Url 1 
https://hcwyo5rfapkytajg.onion.sh
Details Url 1 
https://hcwyo5rfapkytajg.onion.ws
Details Url 1 
https://hcwyo5rfapkytajg.tor2web.xyz