Hydracrypt Ransomware: Examples and information

Cybercriminals are making money with cryptolocker and ransomware malware, and for that reason we are seeing new types of cryptolockers and ransomware pop up on the web.

The guys at malware-traffic-analysis.net have analysed a HydraCrypt ransomware sample, and they have made some cool findings.

The IOCs shared by malware-traffic-analysis:

  • 208.43.108.11 port 80 – www.harbourfrontcentre.com – Compromised website
  • 85.93.0.32 port 80 – vyetbr.tk – EITest gate
  • 86.106.93.66 port 80 – qywr2kr.spyscj.site – Angler EK
  • 185.97.253.128 port 80 – drivers-softprotect.eu – HydraCrypt callback traffic
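
To hunt for this chain in your own proxy logs, here is an added example (not code from malware-traffic-analysis) that maps each IOC above to its stage and triages every client by how far down the chain it got. The log format (`epoch client_ip dest_ip dest_port host`), the sample lines, the function names and the triage labels are all constructed assumptions, and the log is assumed to be in chronological order.

```python
from collections import defaultdict

# Indicators from the list above, mapped to their stage in the infection chain.
STAGES = {
    "208.43.108.11": "compromised_site", "www.harbourfrontcentre.com": "compromised_site",
    "85.93.0.32": "eitest_gate", "vyetbr.tk": "eitest_gate",
    "86.106.93.66": "angler_ek", "qywr2kr.spyscj.site": "angler_ek",
    "185.97.253.128": "hydracrypt_callback", "drivers-softprotect.eu": "hydracrypt_callback",
}

# Constructed sample log: epoch client_ip dest_ip dest_port host
SAMPLE_LOG = """\
1455000000 10.0.0.5 208.43.108.11 80 www.harbourfrontcentre.com
1455000002 10.0.0.5 85.93.0.32 80 vyetbr.tk
1455000003 10.0.0.5 86.106.93.66 80 qywr2kr.spyscj.site
1455000040 10.0.0.5 185.97.253.128 80 185.97.253.128
1455000100 10.0.0.9 208.43.108.11 80 WWW.HarbourfrontCentre.com.
1455000101 10.0.0.9 85.93.0.32 80 vyetbr.tk
1455000200 10.0.0.7 93.184.216.34 80 example.org
truncated line
""".splitlines()

def hunt(lines):
    """Return {client_ip: [stages in first-seen order]} for lines hitting an IOC."""
    hits = defaultdict(list)
    for line in lines:
        fields = line.split()
        if len(fields) != 5:
            continue  # skip malformed or truncated lines
        _ts, client, dst_ip, _port, host = fields
        host = host.lower().rstrip(".")  # normalise case and trailing dot
        # Match on hostname first, then fall back to the destination IP.
        stage = STAGES.get(host) or STAGES.get(dst_ip)
        if stage and stage not in hits[client]:
            hits[client].append(stage)
    return dict(hits)

def triage(stages):
    """Hypothetical severity labels based on the deepest stage reached."""
    if "hydracrypt_callback" in stages:
        return "infected"           # callback traffic seen: treat host as encrypted
    if "angler_ek" in stages:
        return "exploit_attempted"  # EK landing reached, no callback observed
    return "redirected"             # only the compromised site or gate contacted

def report(lines):
    return {client: triage(stages) for client, stages in hunt(lines).items()}

if __name__ == "__main__":
    for client, verdict in report(SAMPLE_LOG).items():
        print(client, verdict)
```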


The HydraCrypt ransomware is a “new” variant among the ransomware families; the ransomware also contains Marvel's “Hydra” logo. For more information about the HydraCrypt ransomware, I strongly suggest you take a look at the malware-traffic-analysis article.