Overview
AvosLocker is a RaaS that targets ESXi.
MalwareBazaar Intelligence Data
Hash Samples (First 50)
| SHA256 | MD5 | First Seen | Type | Size |
|---|---|---|---|---|
| 5324de7cceaedc764c93... | 2a56d7d69cb629f9... | 2023-11-02 | rar | 31.161.899 |
| bff12a83b1fc2e0ad000... | 19944159dfa94a1b... | 2023-01-24 | exe | 826.880 |
| 0b1f19ba8740b10ed017... | b27f0f2826bacd32... | 2022-12-18 | exe | 826.880 |
| 0f22ae8e435cfeb4e527... | f091b9085d35e619... | 2022-10-14 | exe | 826.880 |
| 5d6e4bd7bd7239fab20e... | 1a23dd405a1bd4e4... | 2022-10-04 | exe | 826.880 |
| f8e99bbacc62b0f72aa1... | 8da384b2427b8397... | 2022-09-18 | exe | 826.880 |
| 0d094770db65ec637489... | 2163c068a10608bb... | 2022-04-20 | exe | 826.880 |
| e9a7b43acdddc3d21019... | afed45cd85a191fe... | 2022-03-25 | elf | 1.619.392 |
| cdca6936b880ab4559d3... | a39b4bea47c4d123... | 2022-03-25 | elf | 1.615.200 |
| d7112a1e1c68c366c05b... | aa3b3e182ee1bcb4... | 2022-03-20 | elf | 1.620.064 |
| 10ab76cd6d6b50d26fde... | f659d1d15d2e0f3b... | 2022-01-18 | elf | 1.619.392 |
| 7c935dcd672c4854495f... | e09183041930f37a... | 2022-01-18 | elf | 1.619.392 |
| 0cd7b6ea8857ce827180... | d3cafcd46dea26c3... | 2022-01-18 | elf | 1.619.392 |
| f810deb1ba171cea5b59... | 27fc2796210dc3bf... | 2021-12-24 | exe | 943.104 |
| c0a42741eef72991d9d0... | 825d6049ba8600ee... | 2021-12-24 | exe | 941.120 |
| 84d94c032543e8797a51... | 377676b06b8a28e6... | 2021-12-24 | exe | 943.104 |
| 6cc510a772d7718c9521... | 40f2238875fcbd2a... | 2021-12-24 | exe | 941.056 |
| 718810b8eeb682fc70df... | b76d1d3d2d403665... | 2021-10-05 | exe | 943.104 |
| bd88d415032eb24091c3... | 044cdd8c2257effb... | 2021-09-07 | exe | 941.056 |
| fb544e1f74ce02937c3a... | 76e177a94834b3f7... | 2021-07-23 | exe | 412.160 |
| 43b7a60c0ef8b4af001f... | d285f1366d0d4fda... | 2021-07-23 | exe | 412.160 |
IOC Summary
- This analysis covers 21 unique AvosLocker samples.
- A total of 42 hash IOCs were recorded.
- Campaign activity: observed between 2021-07-23 and 2023-11-02.
AvosLocker — Malware Profile
AvosLocker RaaS. CryptoPP AES-NI SIMD + ECDH. FBI/CISA advisory. US critical infrastructure.
Malware Type
Ransomware
Programming Language
C++
C2 Protocol
—
Target Systems
Windows/Linux
Capabilities & Behavior
File Encryption (AES/RSA)
Shadow Copy Deletion
Backup Removal
Ransom Note Creation
Persistence
Network Share Encryption
Anti-Analysis Techniques
Double Extortion (Data Leak)
IOC List (84 indicators)
IOC — AvosLocker