CryptoWire with Decryption Key Included

March 19, 2024, 2:36 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

AhnLab SEcurity intelligence Center (ASEC) recently discovered the distribution of CryptoWire, a ransomware that was once viral in 2018.

Figure 1. CryptoWire Github

CryptoWire is mainly distributed via phishing emails and is made using Autoit script.

Main Features

The ransomware copies and pastes itself in the path “C\Program Files\Common Files,” and registers a schedule to the task scheduler to maintain persistence.

Figure 2. Registering a task schedule

Figure 3. Registered task schedule

The malware explores the local and connected network …

ahnlab asec autoit center cryptowire decryption decryption key distributed distribution emails features files github intelligence key main malware analysis path phishing phishing emails program ransomware schedule script security security intelligence viral

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Wireshark 4.2.5 Released, (Sat, May 18th) 10 hours ago | malware.news

article bugs center cve +13

The who, where, and how of APT attacks – Week in security with Tony Anscombe 20 hours ago | malware.news

apt article attacks campaigns +11

Leveling the cybersecurity playing field 1 day, 1 hour ago | malware.news

article blumira cybersecurity entry +4

Hardware cybersecurity leader, Flexxon, introduces Server Defender 1 day, 1 hour ago | malware.news

advanced article cybersecurity defender +8

Automated pentesting in the cloud 1 day, 1 hour ago | malware.news

article automated challenge cloud +10

How to revamp your cybersecurity in the middle of the chaos 1 day, 1 hour ago | malware.news

article attackers chaos cybersecurity +8

6K-plus AI models may be affected by critical RCE vulnerability 1 day, 3 hours ago | malware.news

ai models article attacks critical +14

Zscaler annual phishing report finds a near 60% increase in phishing attacks in 2023 1 day, 4 hours ago | malware.news

article attacks link media +6

Microsoft, North Korea, Santander, CISA, Deepfakes, Aaran Leyland & More - SWN #387 1 day, 5 hours ago | malware.news

amp article cisa deepfakes +8

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Consultant Sécurité SI Gouvernance - Risques - Conformité H/F - Strasbourg

@ Hifield | Strasbourg, France

View on infosec-jobs.com

Lead Security Specialist

@ KBR, Inc. | USA, Dallas, 8121 Lemmon Ave, Suite 550, Texas

View on infosec-jobs.com

Consultant SOC / CERT H/F

@ Hifield | Sèvres, France

View on infosec-jobs.com

all InfoSec news

CryptoWire with Decryption Key Included

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Jobs in InfoSec / Cybersecurity

Information Security Engineers

Technology Security Analyst

Senior Cyber Security Analyst

Consultant Sécurité SI Gouvernance - Risques - Conformité H/F - Strasbourg

Lead Security Specialist

Consultant SOC / CERT H/F