Sodinokibi_Ransomware_04-07-2019

1. #sodinokibi #Ransomware
2. --------------------------------------
3. 04-07-2019
4. --------------------------------------
5. Main object- "dd05b24610d5f9513e68201a88cdb05391bfd061346a7274062d1416e8322ff6.bin.gz"
6. sha256 d659e06a81e6b0c4b3785ed25cd9b5bc54c2bfe8a491959153269e31dc8b639d
7. sha1 dbdb547ad0268b3241e9d67c425e02ad073c0179
8. md5 1b0b26187392c780587de9fdfa45a362
9. ssdeep_parts [object Object]
10. Dropped executable file
11. sha256 C:\Users\admin\Desktop\dd05b24610d5f9513e68201a88cdb05391bfd061346a7274062d1416e8322ff6.bin.gz dd05b24610d5f9513e68201a88cdb05391bfd061346a7274062d1416e8322ff6
12. DNS requests
13. domain auberives-sur-vareze.fr
14. domain so-sage.fr
15. domain aquacheck.co.za
16. domain katherinealy.com
17. domain selected-minds.de
18. domain nuohous.com
19. domain www.makingmillionaires.net
20. domain makingmillionaires.net
21. domain piestar.com
22. domain outstandingminialbums.com
23. domain bubbalucious.com
24. domain projektparkiet.pl
25. domain golfclublandgoednieuwkerk.nl
26. domain maxcube24.com.ua
27. domain rentsportsequip.com
28. domain rino-gmbh.com
29. domain bourchier.org
30. domain qwikcoach.com
31. domain jlgraphisme.fr
32. domain xrresources.com
33. domain accounts.google.com
34. domain the3-week-diet.net
35. domain decryptor.top
36. domain gratiocafeblog.wordpress.com
37. domain marcandy.com
38. domain mieleshopping.it
39. domain cleanroomequipment.ie
40. domain fanuli.com.au
41. domain asiaartgallery.jp
42. domain alabamaroofingllc.com
43. domain adedesign.com
44. domain tesisatonarim.com
45. domain ziliak.com
46. domain spectamarketingdigital.com.br
47. domain signamedia.de
48. domain egpu.fr
49. domain barbaramcfadyenjewelry.com
50. domain 111firstdelray.com
51. domain frimec-international.es
52. domain latteswithleslie.com
53. domain www.alabamaroofingllc.com
54. domain ayudaespiritualtamara.com
55. domain www.cleanroomequipment.ie
56. domain drbenveniste.com
57. domain dogsunlimitedguide.com
58. domain teamsegeln.ch
59. domain physio-lang.de
60. domain pajagus.fr
61. domain look.academy
62. domain myfbateam.com
63. domain activeterroristwarningcompany.com
64. domain nutriwell.com.sg
65. domain dibli.store
66. domain charlesfrancis.photos
67. domain www.airserviceunlimited.com
68. domain pvandambv.nl
69. domain mazzaropi.com.br
70. domain eurethicsport.eu
71. domain airserviceunlimited.com
72. Connections
73. ip 197.221.14.44
74. ip 217.182.126.186
75. ip 104.18.41.218
76. ip 5.35.250.124
77. ip 217.160.0.166
78. ip 164.132.235.17
79. ip 162.255.118.194
80. ip 77.94.249.22
81. ip 35.170.173.134
82. ip 178.32.51.80
83. ip 159.203.65.67
84. ip 185.55.85.6
85. ip 212.90.148.124
86. ip 88.99.61.233
87. ip 185.68.16.21
88. ip 104.28.29.191
89. ip 178.32.76.90
90. ip 5.152.193.244
91. ip 69.195.124.231
92. ip 146.66.113.232
93. ip 195.114.26.214
94. ip 192.0.78.13
95. ip 46.30.215.229
96. ip 185.197.128.45
97. ip 89.145.92.29
98. ip 91.214.71.139
99. ip 198.46.93.64
100. ip 89.234.180.47
101. ip 136.243.123.152
102. ip 206.189.196.208
103. ip 104.31.80.46
104. ip 209.182.204.181
105. ip 8.248.113.254
106. ip 104.28.9.186
107. ip 52.71.222.18
108. ip 188.165.33.133
109. ip 23.185.0.2
110. ip 183.90.242.17
111. ip 185.2.4.41
112. ip 83.166.138.104
113. ip 37.230.97.92
114. ip 64.90.33.203
115. ip 104.27.133.249
116. ip 185.119.173.174
117. ip 83.150.213.43
118. ip 104.27.166.25
119. ip 149.56.35.134
120. ip 173.199.126.114
121. ip 78.46.155.135
122. ip 108.160.146.5
123. ip 78.46.5.147
124. ip 91.134.24.251
125. ip 104.25.17.111
126. ip 50.116.71.86
127. ip 104.24.19.18
128. ip 184.168.221.83
129. ip 81.19.159.69
130. HTTP/HTTPS requests
131. url http://decryptor.top/C2D97495C4BA3647