Saturn Ransomware Analysis and Samples

Saturn Ransomware encrypts various files of its victim machine and ask for $300 in Bitcoins to unlock. It give its victim one week to comply. Infected files by this virus bears its distinct .saturn extension. A VirusTotal analysis can be found here.

Saturn Ransomware Sandbox Run

Saturn Ransomware Hash

MD5: BBD4C2D2C72648C8F871B36261BE23FD
SHA1: 77C525E6B8A5760823AD6036E60B3FA244DB8E42
SHA256: 9E87F069DE22CEAC029A4AC56E6305D2DF54227E6B0F0B3ECAD52A01FBADE021
SSDEEP: 6144:zUrigyvF8Q9fLglQ8t0qabFDfOdQ/LDA8H+wwaMZUUAOq+mwNf8fsS+:zUrigY8QBLg9t0qabFDGdQ/TlYiUQ+Vz

Download Saturn Ransomware Sample

Download Saturn Malware Sample
The password of the zip is: infected

Download Saturn Ransomware PCAP

Download Saturn Malware PCAP