Parsing: enabled
Description
CryptNet is a newer Ransomware-as-a-Service (RaaS) operation first identified in April 2023. It follows a double-extortion model, performing data exfiltration before encrypting files. Written in .NET and obfuscated with .NET Reactor, CryptNet utilizes AES-256 (CBC) and RSA-2048 encryption. Its codebase shares strong similarities with Chaos and Yashma ransomware families.
External Analysis1
| External Analysis |
|---|
| https://www.zscaler.com/blogs/security-research/technical-analysis-cryptnet-ransomware |
Ransom notes1
Urls1
| Url | ||||
|---|---|---|---|---|
| http://blog6zw62uijolee7e6aqqnqaszs3ckr5iphzdzsazgrpvtqtjwqryid.onion/ | Down |
|
Chat servers1
| Url | ||||
|---|---|---|---|---|
| http://cryptr3fmuv4di5uiczofjuypopr63x2gltlsvhur2ump4ebru2xd3yd.onion | Down |
|
Activity (interactive) 2
Posts2
| Date | Title | Description | Screen |
|---|---|---|---|
| Urban Import | www.urbanimport.com Urban Import was established in 2001 by fellow automotive enthusiasts to provide customers with an unrivaled selection of top quality aftermarket automotive parts. After cementing our presence as an eBay Power Seller, we launched our first online retail site carrying some of the top performance brands of the time. As the aftermarket performance ind... |
|
|
| Export Hub | www.exporthub.com ExportHub Ltd. is committed to safeguarding its users' privacy. We request all our users to read the following 'privacy policy' to understand how their personal & business information will be treated, as they make full use of our services to their benefit. This policy is applicable only to the entire network of marketplaces operated by EH and not b... |
|