Cryptnet

Parsing : Enabled

Description

CryptNet is a newer Ransomware-as-a-Service (RaaS) operation first identified in April 2023. It follows a double-extortion model, performing data exfiltration before encrypting files. Written in .NET and obfuscated with .NET Reactor, CryptNet utilizes AES-256 (CBC) and RSA-2048 encryption. Its codebase shares strong similarities with Chaos and Yashma ransomware families.

External Analysis
https://www.zscaler.com/blogs/security-research/technical-analysis-cryptnet-ransomware
Urls
Screen
http://blog6zw62uijolee7e6aqqnqaszs3ckr5iphzdzsazgrpvtqtjwqryid.onion/
Screen
File servers
Screen
Chat servers
Screen
http://cryptr3fmuv4di5uiczofjuypopr63x2gltlsvhur2ump4ebru2xd3yd.onion
Screen
Admin servers
Screen

Posts

Date Title Description Screen
2023-04-20
Urban Import www.urbanimport.com Urban Import was established in 2001 by fellow automotive enthusiasts to provide customers with an unrivaled selection of top quality aftermarket automotive parts. After cementing our presence as an eBay Power Seller, we launched our first online retail site carrying some of the top performance brands of the time. As the aftermarket performance ind...
Screen
2023-04-20
Export Hub www.exporthub.com ExportHub Ltd. is committed to safeguarding its users' privacy. We request all our users to read the following 'privacy policy' to understand how their personal & business information will be treated, as they make full use of our services to their benefit. This policy is applicable only to the entire network of marketplaces operated by EH and not b...
Screen