Indicators of Compromise						

SHA-256										 Detection Name

00ed4c347cd62526226363a0aceb851b2ef7e3a4da78433a28f2cd6cbd5f1b99 		 Ransom.Win64.MOUNTLOCKER.SMD
85b53edb2e3476bdb29f98bd19c56baa0205e6620917e654cbe81c9745d6193d 		 Ransom.Win32.MOUNTLOCKER.D
6de93a937d2b88cb4ebd030aabff97439939630e18186167d92a0bf5f55f7e97 		 Backdoor.Win32.GLUPTEBA.SMTH.hp
0fa0ad3dbf321d2c7c645aab928176d7a2d21b64d84d720829b67ad6c37381c7 		 Ransom.Win32.MOUNTLOCKER.D
b07e554eff514d0dd77f3cf52e011fe315c21054053032a64c70699fe5336894 		 TrojanSpy.Win64.ICEDID.SMYABDET
e7c277aae66085f1e0c4789fe51cac50e3ea86d79c8a242ffc066ed0b0548037 		 Ransom.Win32.MOUNTLOCKER.B
b26749b17ca691328ba67ee49d4d9997c101966c607ab578afad204459b7bf8f 		 Backdoor.Win32.GLUPTEBA.SMTH.hp
187610fb06cc60c73c0062b593c5fe3ba29e0436e396969feb9ed25391ff7e8b 		 Ransom.Win64.MOUNTLOCKER.F
4a5ac3c6f8383cc33c795804ba5f7f5553c029bbb4a6d28f1e4d8fb5107902c1 		 Ransom.Win64.MOUNTLOCKER.E
0fc52ab540452b524dadb3a7dbcd2a7f1c2d5c553229d77cfbff0d800f8c0f44 		 Ransom.Win32.MOUNTLOCKER.D
226a723ffb4a91d9950a8b266167c5b354ab0db1dc225578494917fe53867ef2 		 Ransom.Win32.MOUNTLOCKER.D
bb0d3f8626658f9709c3025167fe572d7baef8de9a2f3d90fba4dafec1245e56 		 Ransom.Win32.MOUNTLOCKER.D
2c44444d207a78da7477ae1af195d4265134e895bebb476f7b2c003f1467a033 		 Ransom.Win64.ASTROLOCKER.THCBDBA
e698e8edd2c499a1044953be7f044b908a470ec35f039c8730957650c5ca1465 		 Ransom.Win32.MOUNTLOCKER.SM
200279581c09dcc1eca13ddf94ca8568c9f3a203f877764e88dbe9929ee4677c 		 Backdoor.Win32.GLUPTEBA.SMTH.hp 
1c29056802fb4d44c40de937cbb73a1243c3ac3db24a8f0ad4c931b8324bb546 		 Backdoor.Win32.GLUPTEBA.SMTH.hp
189d48b6da8b247fb15f6b1021f668a8bc6739965de8dbf7cab9698478e8c2a2 		 Ransom.Win32.MOUNTLOCKER.D
21eb31017c9354c81ac6bc61b21bf7e96787a1298f375d5b46740898d9578e96 		 Ransom.Win32.MOUNTLOCKER.D
3dd01b5803b349892e0172c59090a201c819b7a67af859e64b5f4f17fd7ebf91 		 Ransom.Win64.ASTROLOCKER.THCBDBA

---------------------------------------------

URL

w6ilafwwrgtrmilorzqex6pgpvfsa667fydca2wpoluj6sajka225byd.onion 
accdknc4nmu4t5hclb6q6kjm2u7u5xdzjnewut2up2rlcfqe5lootlqd.onion 
c6zkofycoumltpmm6zpyfadkuddpmlqk6vyd3orrfjgtq3vrgyifl6yd.onion 
3klsbd4dwj3yqgo4xpogfgwqkljbnbdxjryeqks2cjion5jj33wvkqyd.onion 
yk7erwdvj4vxcgiq3gmcufkben4bk4ixddl5j2xvu7gurtdq754jmiad.onion 
z4cn6lpet4y4r6mdlbpklpcrjdruwb6kiuvxn6gsiuoub23z6prlx6ad.onion 
ibih5znjxf2cqgo737xmooyvmxhac45wd4rivh6n5hd7fysn42g3fayd.onion 
ikrah6fb4e6r2raxkyvyoxp22jam5z6ak5ajfnzxutmassoagvr2bhad.onion 
hceesrsg6f5p4gcph4j6jv6vl4mkmaik735oz4r45lgjfyedsxfoprad.onion 
qfgh2lpslhjb33z3wsenmqrxcdragelinvcpowlgkbjca6yig5zloeyd.onion 
x4mjvffmytkw3hyu.onion 
tpze4yo74m6qflef.onion 
evl425tkt4hkwryyplvqu6bn6slfow3fa4xwgvwe5t4zf6gizs3ewuyd.onion 
xingnewj6m4qytljhfwemngm7r7rogrindbq7wrfeepejgxc3bwci7qd.onion 
zckdr5wmbzxphoem77diqb2ome2a54o23jl2msz3kmotjlpdnjhmn6yd.onion