Ransom_HPCERBER.SMONT4 (hosted in France, ASN: 16276 (OVH SAS))

Contacts servers via UDP:

Executes command:
“taskkill /f /im "c1.exe" > NUL & ping -n 1 127.0.0.1 > NUL & del "C:c1.exe" > NUL && exit”

Sample here: hxxp://119.205.220.184/c.exe
