BlackKingdom Ransomware Download

Posted Under: Download Free Malware Samples , Malware, Ransomware, Windows on Mar 23, 2021
BlackKingdom Ransomware Download
BlackKingdom ransomware is another ransomware, known so far, that is actively exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities. Attackers used the ProxyLogon vulnerability to execute a PowerShell script that downloads the ransomware executable from 'yuuuuu44[.]com' and then pushes it out to other computers on the network. The attacker demaned a ransom of $10,000 in Bitcoins in this wallet 1Lf8ZzcEhhRiXpk6YNQFpCJcUisiXb34FT.

DearCry Ransomware was the first known malware to exploit ProxyLogon for ransom.

BlackKingdom Ransomware Signatures

Family: Trojan:Win32/Ymacco.AAC4
MD5: 96c2f4acef5807b54ded4e0dae6ed79d
SHA256: c4aa94c73a50b2deca0401f97e4202337e522be3df629b3ef91e706488b64908

BlackKingdom Ransomware Download

Download BlackKingdom Ransomware Sample