Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
LockerGoga IOCs
first_submitted (epoch) first_submitted sha256 file_magic size num_detections RESULTS signers full_sig country
1546950000 2019-01-08 12:20:00 c7a69dcfb6a3fe433a52a71d85a7e90df25b1db1bc843a541eb08ea2fd1052a4 PE32+ executable for MS Windows (DLL) (console) Mono/.Net assembly 2097664 27 Win64/Filecoder.LockerGoga.A,W64/Filecoder_LockerGoga.A!tr.ransom,Trojan-Ransom.LockerGoga NL
1547710000 2019-01-17 7:26:40 5b0b972713cd8611b04e4673676cdff70345ac7301b2c23173cdfeaff564225c PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1284112 40 Trojan[Ransom]/Win32.LockerGoga.a,Ransom.LockerGoga.S5239812,a variant of Win32/Filecoder.LockerGoga.A "MIKL LIMITED; COMODO RSA Code Signing CA; COMODO SECURE™" [{"status":"Trust for this certificate or one of the certificates in the certificate chain has been revoked.","valid usage":"Code Signing","name":"MIKL LIMITED","algorithm":"sha256RSA","valid from":"12:00 AM 06/25/2018","valid to":"11:59 PM 06/25/2019","serial number":"3D 25 80 E8 95 26 F7 85 2B 57 06 54 EF D9 A8 BF","cert issuer":"COMODO RSA Code Signing CA","thumbprint":"C1B4D57A36E0B6853DD38E3034EDF7D99A8B73AD"},{"status":"Valid","valid usage":"Code Signing","name":"COMODO RSA Code Signing CA","algorithm":"sha384RSA","valid from":"12:00 AM 05/09/2013","valid to":"11:59 PM 05/08/2028","serial number":"2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF","cert issuer":"COMODO RSA Certification Authority","thumbprint":"B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47"},{"status":"Valid","valid usage":"Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User","name":"COMODO SECURE™","algorithm":"sha384RSA","valid from":"12:00 AM 01/19/2010","valid to":"11:59 PM 01/18/2038","serial number":"4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D","cert issuer":"COMODO RSA Certification Authority","thumbprint":"AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4"}] RO
1548320000 2019-01-24 8:53:20 bdf36127817413f625d2625d3133760af724d6ad2410bea7297ddc116abc268f PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1267728 51 Win32/Filecoder.LockerGoga.A,W32/LockerGoga.A.gen!Eldorado,Win32.Trojan-Ransom.LockerGoga.A,Ransom.Win32.LOCKERGOGA.SMA "MIKL LIMITED; COMODO RSA Code Signing CA; COMODO SECURE™" [{"status":"Trust for this certificate or one of the certificates in the certificate chain has been revoked.","valid usage":"Code Signing","name":"MIKL LIMITED","algorithm":"sha256RSA","valid from":"12:00 AM 06/25/2018","valid to":"11:59 PM 06/25/2019","serial number":"3D 25 80 E8 95 26 F7 85 2B 57 06 54 EF D9 A8 BF","cert issuer":"COMODO RSA Code Signing CA","thumbprint":"C1B4D57A36E0B6853DD38E3034EDF7D99A8B73AD"},{"status":"Valid","valid usage":"Code Signing","name":"COMODO RSA Code Signing CA","algorithm":"sha384RSA","valid from":"12:00 AM 05/09/2013","valid to":"11:59 PM 05/08/2028","serial number":"2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF","cert issuer":"COMODO RSA Certification Authority","thumbprint":"B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47"},{"status":"Valid","valid usage":"Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User","name":"COMODO SECURE™","algorithm":"sha384RSA","valid from":"12:00 AM 01/19/2010","valid to":"11:59 PM 01/18/2038","serial number":"4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D","cert issuer":"COMODO RSA Certification Authority","thumbprint":"AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4"}] RO
1548320000 2019-01-24 8:53:20 bdf36127817413f625d2625d3133760af724d6ad2410bea7297ddc116abc268f PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1267728 51 Win32/Filecoder.LockerGoga.A,Win32/Filecoder.LockerGoga.A,W32/LockerGoga.A.gen!Eldorado,W32/LockerGoga.A.gen!Eldorado,Win32.Trojan-Ransom.LockerGoga.A,Win32.Trojan-Ransom.LockerGoga.A,Ransom.Win32.LOCKERGOGA.SMA,Ransom.Win32.LOCKERGOGA.SMA "MIKL LIMITED; COMODO RSA Code Signing CA; COMODO SECURE™" [{"status":"Trust for this certificate or one of the certificates in the certificate chain has been revoked.","valid usage":"Code Signing","name":"MIKL LIMITED","algorithm":"sha256RSA","valid from":"12:00 AM 06/25/2018","valid to":"11:59 PM 06/25/2019","serial number":"3D 25 80 E8 95 26 F7 85 2B 57 06 54 EF D9 A8 BF","cert issuer":"COMODO RSA Code Signing CA","thumbprint":"C1B4D57A36E0B6853DD38E3034EDF7D99A8B73AD"},{"status":"Valid","valid usage":"Code Signing","name":"COMODO RSA Code Signing CA","algorithm":"sha384RSA","valid from":"12:00 AM 05/09/2013","valid to":"11:59 PM 05/08/2028","serial number":"2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF","cert issuer":"COMODO RSA Certification Authority","thumbprint":"B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47"},{"status":"Valid","valid usage":"Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User","name":"COMODO SECURE™","algorithm":"sha384RSA","valid from":"12:00 AM 01/19/2010","valid to":"11:59 PM 01/18/2038","serial number":"4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D","cert issuer":"COMODO RSA Certification Authority","thumbprint":"AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4"}] NL
1548320000 2019-01-24 8:53:20 bdf36127817413f625d2625d3133760af724d6ad2410bea7297ddc116abc268f PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1267728 51 Win32/Filecoder.LockerGoga.A,Win32/Filecoder.LockerGoga.A,Win32/Filecoder.LockerGoga.A,Win32/Filecoder.LockerGoga.A,Win32/Filecoder.LockerGoga.A,Win32/Filecoder.LockerGoga.A,Win32/Filecoder.LockerGoga.A,Win32/Filecoder.LockerGoga.A,Win32/Filecoder.LockerGoga.A,Win32/Filecoder.LockerGoga.A,Win32/Filecoder.LockerGoga.A,Win32/Filecoder.LockerGoga.A,Win32/Filecoder.LockerGoga.A,Win32/Filecoder.LockerGoga.A,W32/LockerGoga.A.gen!Eldorado,W32/LockerGoga.A.gen!Eldorado,W32/LockerGoga.A.gen!Eldorado,W32/LockerGoga.A.gen!Eldorado,W32/LockerGoga.A.gen!Eldorado,W32/LockerGoga.A.gen!Eldorado,W32/LockerGoga.A.gen!Eldorado,W32/LockerGoga.A.gen!Eldorado,W32/LockerGoga.A.gen!Eldorado,W32/LockerGoga.A.gen!Eldorado,W32/LockerGoga.A.gen!Eldorado,W32/LockerGoga.A.gen!Eldorado,W32/LockerGoga.A.gen!Eldorado,W32/LockerGoga.A.gen!Eldorado,Win32.Trojan-Ransom.LockerGoga.A,Win32.Trojan-Ransom.LockerGoga.A,Win32.Trojan-Ransom.LockerGoga.A,Win32.Trojan-Ransom.LockerGoga.A,Win32.Trojan-Ransom.LockerGoga.A,Win32.Trojan-Ransom.LockerGoga.A,Win32.Trojan-Ransom.LockerGoga.A,Win32.Trojan-Ransom.LockerGoga.A,Win32.Trojan-Ransom.LockerGoga.A,Win32.Trojan-Ransom.LockerGoga.A,Win32.Trojan-Ransom.LockerGoga.A,Win32.Trojan-Ransom.LockerGoga.A,Win32.Trojan-Ransom.LockerGoga.A,Win32.Trojan-Ransom.LockerGoga.A,Ransom.Win32.LOCKERGOGA.SMA,Ransom.Win32.LOCKERGOGA.SMA,Ransom.Win32.LOCKERGOGA.SMA,Ransom.Win32.LOCKERGOGA.SMA,Ransom.Win32.LOCKERGOGA.SMA,Ransom.Win32.LOCKERGOGA.SMA,Ransom.Win32.LOCKERGOGA.SMA,Ransom.Win32.LOCKERGOGA.SMA,Ransom.Win32.LOCKERGOGA.SMA,Ransom.Win32.LOCKERGOGA.SMA,Ransom.Win32.LOCKERGOGA.SMA,Ransom.Win32.LOCKERGOGA.SMA,Ransom.Win32.LOCKERGOGA.SMA,Ransom.Win32.LOCKERGOGA.SMA "MIKL LIMITED; COMODO RSA Code Signing CA; COMODO SECURE™" [{"status":"Trust for this certificate or one of the certificates in the certificate chain has been revoked.","valid usage":"Code Signing","name":"MIKL LIMITED","algorithm":"sha256RSA","valid from":"12:00 AM 06/25/2018","valid to":"11:59 PM 06/25/2019","serial number":"3D 25 80 E8 95 26 F7 85 2B 57 06 54 EF D9 A8 BF","cert issuer":"COMODO RSA Code Signing CA","thumbprint":"C1B4D57A36E0B6853DD38E3034EDF7D99A8B73AD"},{"status":"Valid","valid usage":"Code Signing","name":"COMODO RSA Code Signing CA","algorithm":"sha384RSA","valid from":"12:00 AM 05/09/2013","valid to":"11:59 PM 05/08/2028","serial number":"2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF","cert issuer":"COMODO RSA Certification Authority","thumbprint":"B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47"},{"status":"Valid","valid usage":"Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User","name":"COMODO SECURE™","algorithm":"sha384RSA","valid from":"12:00 AM 01/19/2010","valid to":"11:59 PM 01/18/2038","serial number":"4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D","cert issuer":"COMODO RSA Certification Authority","thumbprint":"AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4"}]
1548320000 2019-01-24 8:53:20 bdf36127817413f625d2625d3133760af724d6ad2410bea7297ddc116abc268f PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1267728 51 Win32/Filecoder.LockerGoga.A,W32/LockerGoga.A.gen!Eldorado,Win32.Trojan-Ransom.LockerGoga.A,Ransom.Win32.LOCKERGOGA.SMA "MIKL LIMITED; COMODO RSA Code Signing CA; COMODO SECURE™" [{"status":"Trust for this certificate or one of the certificates in the certificate chain has been revoked.","valid usage":"Code Signing","name":"MIKL LIMITED","algorithm":"sha256RSA","valid from":"12:00 AM 06/25/2018","valid to":"11:59 PM 06/25/2019","serial number":"3D 25 80 E8 95 26 F7 85 2B 57 06 54 EF D9 A8 BF","cert issuer":"COMODO RSA Code Signing CA","thumbprint":"C1B4D57A36E0B6853DD38E3034EDF7D99A8B73AD"},{"status":"Valid","valid usage":"Code Signing","name":"COMODO RSA Code Signing CA","algorithm":"sha384RSA","valid from":"12:00 AM 05/09/2013","valid to":"11:59 PM 05/08/2028","serial number":"2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF","cert issuer":"COMODO RSA Certification Authority","thumbprint":"B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47"},{"status":"Valid","valid usage":"Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User","name":"COMODO SECURE™","algorithm":"sha384RSA","valid from":"12:00 AM 01/19/2010","valid to":"11:59 PM 01/18/2038","serial number":"4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D","cert issuer":"COMODO RSA Certification Authority","thumbprint":"AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4"}] CO
1548330000 2019-01-24 11:40:00 b8dedd74f8f474c97d53d313eb5a61d09fc020e91aa09c36711bac5cc123b6d7 ASCII English text, with CRLF line terminators 1427 2 Win32/Filecoder.LockerGoga NL
1548360000 2019-01-24 20:00:00 bef41d3c76aa98e774ca0185eb5d37da7bf128e3d855ebc699fed90f3988c7d3 7-zip archive data, version 0.4 1267866 32 Trojan[Ransom]/Win32.LockerGoga.a,Win32/Filecoder.LockerGoga.A,Win32.Trojan-Ransom.LockerGoga.A IT
1548460000 2019-01-25 23:46:40 6e69548b1ae61d951452b65db15716a5ee2f9373be05011e897c61118c239a77 PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1267728 50 a variant of Win32/Filecoder.LockerGoga.A,W32/LockerGoga.A.gen!Eldorado,Win32.Trojan-Ransom.LockerGoga.A "MIKL LIMITED; COMODO RSA Code Signing CA; COMODO SECURE™" [{"status":"Trust for this certificate or one of the certificates in the certificate chain has been revoked.","valid usage":"Code Signing","name":"MIKL LIMITED","algorithm":"sha256RSA","valid from":"12:00 AM 06/25/2018","valid to":"11:59 PM 06/25/2019","serial number":"3D 25 80 E8 95 26 F7 85 2B 57 06 54 EF D9 A8 BF","cert issuer":"COMODO RSA Code Signing CA","thumbprint":"C1B4D57A36E0B6853DD38E3034EDF7D99A8B73AD"},{"status":"Valid","valid usage":"Code Signing","name":"COMODO RSA Code Signing CA","algorithm":"sha384RSA","valid from":"12:00 AM 05/09/2013","valid to":"11:59 PM 05/08/2028","serial number":"2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF","cert issuer":"COMODO RSA Certification Authority","thumbprint":"B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47"},{"status":"Valid","valid usage":"Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User","name":"COMODO SECURE™","algorithm":"sha384RSA","valid from":"12:00 AM 01/19/2010","valid to":"11:59 PM 01/18/2038","serial number":"4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D","cert issuer":"COMODO RSA Certification Authority","thumbprint":"AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4"}] NL
1548460000 2019-01-25 23:46:40 8cfbd38855d2d6033847142fdfa74710b796daf465ab94216fbbbe85971aee29 PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1282576 40 Trojan[Ransom]/Win32.LockerGoga.a,Ransom.LockerGoga.S5239812,Win32/Filecoder.LockerGoga.A,W32/LockerGoga.A.gen!Eldorado "MIKL LIMITED; COMODO RSA Code Signing CA; COMODO SECURE™" [{"status":"Trust for this certificate or one of the certificates in the certificate chain has been revoked.","valid usage":"Code Signing","name":"MIKL LIMITED","algorithm":"sha256RSA","valid from":"11:00 PM 06/24/2018","valid to":"10:59 PM 06/25/2019","serial number":"3D 25 80 E8 95 26 F7 85 2B 57 06 54 EF D9 A8 BF","cert issuer":"COMODO RSA Code Signing CA","thumbprint":"C1B4D57A36E0B6853DD38E3034EDF7D99A8B73AD"},{"status":"Valid","valid usage":"Code Signing","name":"COMODO RSA Code Signing CA","algorithm":"sha384RSA","valid from":"11:00 PM 05/08/2013","valid to":"10:59 PM 05/08/2028","serial number":"2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF","cert issuer":"COMODO RSA Certification Authority","thumbprint":"B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47"},{"status":"Valid","valid usage":"Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User","name":"COMODO SECURE™","algorithm":"sha384RSA","valid from":"12:00 AM 01/19/2010","valid to":"11:59 PM 01/18/2038","serial number":"4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D","cert issuer":"COMODO RSA Certification Authority","thumbprint":"AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4"}] NL
1548610000 2019-01-27 17:26:40 c3d334cb7f6007c9ebee1a68c4f3f72eac9b3c102461d39f2a0a4b32a053843a PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1267728 45 Generic.Ransom.LockerGoga.4223BE99,Generic.Ransom.LockerGoga.4223BE99,Generic.Ransom.LockerGoga.4223BE99,a variant of Win32/Filecoder.LockerGoga.A,Generic.Ransom.LockerGoga.4223BE99 (B),W32/LockerGoga.A.gen!Eldorado,Win32.Trojan-Ransom.LockerGoga.A,Generic.Ransom.LockerGoga.4223BE99,Ransom.Win32.LOCKERGOGA.SMA,W32.Ransom.Lockergoga NL
1548680000 2019-01-28 12:53:20 9128e1c56463b3ce7d4578ef14ccdfdba15ccc2d73545cb541ea3e80344b173c PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1267728 10 W32.Ransom.Lockergoga SE
1548840000 2019-01-30 9:20:00 f3c58f6de17d2ef3e894c09bc68c0afcce23254916c182e44056db3cad710192 PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1290240 47 Generic.Ransom.LockerGoga.CA4FC2EE,Generic.Ransom.LockerGoga.CA4FC2EE,Generic.Ransom.LockerGoga.CA4FC2EE,a variant of Win32/Filecoder.LockerGoga.A,Generic.Ransom.LockerGoga.CA4FC2EE (B),Win32.Trojan-Ransom.LockerGoga.A,Generic.Ransom.LockerGoga.CA4FC2EE,Ransom.Win32.LOCKERGOGA.SMA,Ransom.Win32.LOCKERGOGA.SMA FR
1549370000 2019-02-05 12:33:20 47f5a231f7cd0e36508ca6ff8c21c08a7248f0f2bd79c1e772b73443597b09b4 PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1274736 39 Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Lockergoga,Trojan.Lockergoga,Trojan.Lockergoga,Trojan.Lockergoga,Trojan.Lockergoga,Trojan.Lockergoga,Trojan.Lockergoga,Trojan.Lockergoga,Trojan.Lockergoga,Win32/Filecoder.LockerGoga.B,Win32/Filecoder.LockerGoga.B,Win32/Filecoder.LockerGoga.B,Win32/Filecoder.LockerGoga.B,Win32/Filecoder.LockerGoga.B,Win32/Filecoder.LockerGoga.B,Win32/Filecoder.LockerGoga.B,Win32/Filecoder.LockerGoga.B,Win32/Filecoder.LockerGoga.B,Trojan-Ransom.LockerGoga (A),Trojan-Ransom.LockerGoga (A),Trojan-Ransom.LockerGoga (A),Trojan-Ransom.LockerGoga (A),Trojan-Ransom.LockerGoga (A),Trojan-Ransom.LockerGoga (A),Trojan-Ransom.LockerGoga (A),Trojan-Ransom.LockerGoga (A),Trojan-Ransom.LockerGoga (A),W32/Filecoder_LockerGoga.B!tr,W32/Filecoder_LockerGoga.B!tr,W32/Filecoder_LockerGoga.B!tr,W32/Filecoder_LockerGoga.B!tr,W32/Filecoder_LockerGoga.B!tr,W32/Filecoder_LockerGoga.B!tr,W32/Filecoder_LockerGoga.B!tr,W32/Filecoder_LockerGoga.B!tr,W32/Filecoder_LockerGoga.B!tr,Win32.Trojan-Ransom.LockerGoga.B,Win32.Trojan-Ransom.LockerGoga.B,Win32.Trojan-Ransom.LockerGoga.B,Win32.Trojan-Ransom.LockerGoga.B,Win32.Trojan-Ransom.LockerGoga.B,Win32.Trojan-Ransom.LockerGoga.B,Win32.Trojan-Ransom.LockerGoga.B,Win32.Trojan-Ransom.LockerGoga.B,Win32.Trojan-Ransom.LockerGoga.B,Trojan-Ransom.LockerGoga,Trojan-Ransom.LockerGoga,Trojan-Ransom.LockerGoga,Trojan-Ransom.LockerGoga,Trojan-Ransom.LockerGoga,Trojan-Ransom.LockerGoga,Trojan-Ransom.LockerGoga,Trojan-Ransom.LockerGoga,Trojan-Ransom.LockerGoga,Ransom.LockerGoga,Ransom.LockerGoga,Ransom.LockerGoga,Ransom.LockerGoga,Ransom.LockerGoga,Ransom.LockerGoga,Ransom.LockerGoga,Ransom.LockerGoga,Ransom.LockerGoga,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Ransom.Win32.LOCKERGOGA.THBOGAI,Ransom.Win32.LOCKERGOGA.THBOGAI,Ransom.Win32.LOCKERGOGA.THBOGAI,Ransom.Win32.LOCKERGOGA.THBOGAI,Ransom.Win32.LOCKERGOGA.THBOGAI,Ransom.Win32.LOCKERGOGA.THBOGAI,Ransom.Win32.LOCKERGOGA.THBOGAI,Ransom.Win32.LOCKERGOGA.THBOGAI,Ransom.Win32.LOCKERGOGA.THBOGAI,Ransom.Win32.LOCKERGOGA.THBOGAI,Ransom.Win32.LOCKERGOGA.THBOGAI,Ransom.Win32.LOCKERGOGA.THBOGAI,Ransom.Win32.LOCKERGOGA.THBOGAI,Ransom.Win32.LOCKERGOGA.THBOGAI,Ransom.Win32.LOCKERGOGA.THBOGAI,Ransom.Win32.LOCKERGOGA.THBOGAI,Ransom.Win32.LOCKERGOGA.THBOGAI,Ransom.Win32.LOCKERGOGA.THBOGAI "KITTY'S LTD; Sectigo RSA Code Signing CA; USERTrust Secure™" [{"status":"Trust for this certificate or one of the certificates in the certificate chain has been revoked.","valid usage":"Code Signing","name":"KITTY'S LTD","algorithm":"sha256RSA","valid from":"12:00 AM 02/01/2019","valid to":"11:59 PM 02/01/2020","serial number":"37 8D 55 43 04 8E 58 3A 06 A0 81 9F 25 BD 9E 85","cert issuer":"Sectigo RSA Code Signing CA","thumbprint":"CF933A629598E5E192DA2086E6110AD1974F8EC3"},{"status":"Valid","valid usage":"Code Signing, Timestamp Signing","name":"Sectigo RSA Code Signing CA","algorithm":"sha384RSA","valid from":"12:00 AM 11/02/2018","valid to":"11:59 PM 12/31/2030","serial number":"1D A2 48 30 6F 9B 26 18 D0 82 E0 96 7D 33 D3 6A","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"94C95DA1E850BD85209A4A2AF3E1FB1604F9BB66"},{"status":"Valid","valid usage":"Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User","name":"USERTrust Secure™","algorithm":"sha384RSA","valid from":"12:00 AM 02/01/2010","valid to":"11:59 PM 01/18/2038","serial number":"01 FD 6D 30 FC A3 CA 51 A8 1B BC 64 0E 35 03 2D","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E"}] TR
1549370000 2019-02-05 12:33:20 47f5a231f7cd0e36508ca6ff8c21c08a7248f0f2bd79c1e772b73443597b09b4 PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1274736 39 Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Ransom.LockerGoga.A,Trojan.Lockergoga,Win32/Filecoder.LockerGoga.B,Trojan-Ransom.LockerGoga (A),W32/Filecoder_LockerGoga.B!tr,Win32.Trojan-Ransom.LockerGoga.B,Trojan-Ransom.LockerGoga,Ransom.LockerGoga,Trojan.Ransom.LockerGoga.A,Ransom.Win32.LOCKERGOGA.THBOGAI,Ransom.Win32.LOCKERGOGA.THBOGAI "KITTY'S LTD; Sectigo RSA Code Signing CA; USERTrust Secure™" [{"status":"Trust for this certificate or one of the certificates in the certificate chain has been revoked.","valid usage":"Code Signing","name":"KITTY'S LTD","algorithm":"sha256RSA","valid from":"12:00 AM 02/01/2019","valid to":"11:59 PM 02/01/2020","serial number":"37 8D 55 43 04 8E 58 3A 06 A0 81 9F 25 BD 9E 85","cert issuer":"Sectigo RSA Code Signing CA","thumbprint":"CF933A629598E5E192DA2086E6110AD1974F8EC3"},{"status":"Valid","valid usage":"Code Signing, Timestamp Signing","name":"Sectigo RSA Code Signing CA","algorithm":"sha384RSA","valid from":"12:00 AM 11/02/2018","valid to":"11:59 PM 12/31/2030","serial number":"1D A2 48 30 6F 9B 26 18 D0 82 E0 96 7D 33 D3 6A","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"94C95DA1E850BD85209A4A2AF3E1FB1604F9BB66"},{"status":"Valid","valid usage":"Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User","name":"USERTrust Secure™","algorithm":"sha384RSA","valid from":"12:00 AM 02/01/2010","valid to":"11:59 PM 01/18/2038","serial number":"01 FD 6D 30 FC A3 CA 51 A8 1B BC 64 0E 35 03 2D","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E"}] DE
1549440000 2019-02-06 8:00:00 39e298627215ed3bed76686f52eb741335195c2cd09b69181892b4fa9f53f514 ASCII English text, with CRLF line terminators 1434 1 Win32/Filecoder.LockerGoga TR
1549470000 2019-02-06 16:20:00 14e8a8095426245633cd6c3440afc5b29d0c8cd4acefd10e16f82eb3295077ca PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1268240 41 Generic.Ransom.LockerGoga.CC1CD792,Generic.Ransom.LockerGoga.CC1CD792,Generic.Ransom.LockerGoga.CC1CD792,Generic.Ransom.LockerGoga.CC1CD792,Trojan[Ransom]/Win32.LockerGoga.a,Trojan[Ransom]/Win32.LockerGoga.a,Generic.Ransom.LockerGoga.CC1CD792,Generic.Ransom.LockerGoga.CC1CD792,TR/LockerGoga.mfwsd,TR/LockerGoga.mfwsd,Generic.Ransom.LockerGoga.CC1CD792,Generic.Ransom.LockerGoga.CC1CD792,W32/LockerGoga.A.gen!Eldorado,W32/LockerGoga.A.gen!Eldorado,a variant of Win32/Filecoder.LockerGoga.A,a variant of Win32/Filecoder.LockerGoga.A,Generic.Ransom.LockerGoga.CC1CD792 (B),Generic.Ransom.LockerGoga.CC1CD792 (B),W32/LockerGoga.A.gen!Eldorado,W32/LockerGoga.A.gen!Eldorado,Trojan.TR/LockerGoga.mfwsd,Trojan.TR/LockerGoga.mfwsd,Win32.Trojan-Ransom.LockerGoga.A,Win32.Trojan-Ransom.LockerGoga.A,Trojan-Ransom.LockerGoga,Trojan-Ransom.LockerGoga,Generic.Ransom.LockerGoga.CC1CD792,Generic.Ransom.LockerGoga.CC1CD792,Trojan.Win32.Z.Lockergoga.1268240,Trojan.Win32.Z.Lockergoga.1268240 "MIKL LIMITED; COMODO RSA Code Signing CA; COMODO SECURE™" [{"status":"Trust for this certificate or one of the certificates in the certificate chain has been revoked.","valid usage":"Code Signing","name":"MIKL LIMITED","algorithm":"sha256RSA","valid from":"12:00 AM 06/25/2018","valid to":"11:59 PM 06/25/2019","serial number":"3D 25 80 E8 95 26 F7 85 2B 57 06 54 EF D9 A8 BF","cert issuer":"COMODO RSA Code Signing CA","thumbprint":"C1B4D57A36E0B6853DD38E3034EDF7D99A8B73AD"},{"status":"Valid","valid usage":"Code Signing","name":"COMODO RSA Code Signing CA","algorithm":"sha384RSA","valid from":"12:00 AM 05/09/2013","valid to":"11:59 PM 05/08/2028","serial number":"2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF","cert issuer":"COMODO RSA Certification Authority","thumbprint":"B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47"},{"status":"Valid","valid usage":"Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User","name":"COMODO SECURE™","algorithm":"sha384RSA","valid from":"12:00 AM 01/19/2010","valid to":"11:59 PM 01/18/2038","serial number":"4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D","cert issuer":"COMODO RSA Certification Authority","thumbprint":"AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4"}] ES
1549600000 2019-02-08 4:26:40 7852b47e7a9e3f792755395584c64dd81b68ab3cbcdf82f60e50dc5fa7385125 PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1274736 38 TR/LockerGoga.jccbu,Trojan.Lockergoga,Win32/Filecoder.LockerGoga.B,Trojan-Ransom.LockerGoga (A),Trojan.TR/LockerGoga.jccbu,W32/Filecoder_LockerGoga.B!tr,Win32.Trojan-Ransom.LockerGoga.B,Trojan-Ransom.LockerGoga,Ransom.LockerGoga "KITTY'S LTD; Sectigo RSA Code Signing CA; USERTrust Secure™" [{"status":"Trust for this certificate or one of the certificates in the certificate chain has been revoked.","valid usage":"Code Signing","name":"KITTY'S LTD","algorithm":"sha256RSA","valid from":"12:00 AM 02/01/2019","valid to":"11:59 PM 02/01/2020","serial number":"37 8D 55 43 04 8E 58 3A 06 A0 81 9F 25 BD 9E 85","cert issuer":"Sectigo RSA Code Signing CA","thumbprint":"CF933A629598E5E192DA2086E6110AD1974F8EC3"},{"status":"Valid","valid usage":"Code Signing, Timestamp Signing","name":"Sectigo RSA Code Signing CA","algorithm":"sha384RSA","valid from":"12:00 AM 11/02/2018","valid to":"11:59 PM 12/31/2030","serial number":"1D A2 48 30 6F 9B 26 18 D0 82 E0 96 7D 33 D3 6A","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"94C95DA1E850BD85209A4A2AF3E1FB1604F9BB66"},{"status":"Valid","valid usage":"Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User","name":"USERTrust Secure™","algorithm":"sha384RSA","valid from":"12:00 AM 02/01/2010","valid to":"11:59 PM 01/18/2038","serial number":"01 FD 6D 30 FC A3 CA 51 A8 1B BC 64 0E 35 03 2D","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E"}] US
1552050000 2019-03-08 13:00:00 eda26a1cd80aac1c42cdbba9af813d9c4bc81f6052080bc33435d1e076e75aa0 PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1254264 46 TR/LockerGoga.biysb,a variant of Win32/Filecoder.LockerGoga.C,Trojan.TR/LockerGoga.biysb,Trojan-Ransom.LockerGoga,Ransom.LockerGoga,Ransom.LockerGoga!1.B635 (CLOUD) "ALISA LTD; Sectigo RSA Code Signing CA; USERTrust Secure™" [{"status":"Trust for this certificate or one of the certificates in the certificate chain has been revoked.","valid usage":"Code Signing","name":"ALISA LTD","algorithm":"sha256RSA","valid from":"12:00 AM 02/22/2019","valid to":"11:59 PM 02/21/2020","serial number":"5D A1 73 EB 1A C7 63 40 AC 05 8E 1F F4 BF 5E 1B","cert issuer":"Sectigo RSA Code Signing CA","thumbprint":"ACB38D45108C4F0C8894040646137C95E9BB39D8"},{"status":"Valid","valid usage":"Code Signing, Timestamp Signing","name":"Sectigo RSA Code Signing CA","algorithm":"sha384RSA","valid from":"12:00 AM 11/02/2018","valid to":"11:59 PM 12/31/2030","serial number":"1D A2 48 30 6F 9B 26 18 D0 82 E0 96 7D 33 D3 6A","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"94C95DA1E850BD85209A4A2AF3E1FB1604F9BB66"},{"status":"Valid","valid usage":"Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User","name":"USERTrust Secure™","algorithm":"sha384RSA","valid from":"12:00 AM 02/01/2010","valid to":"11:59 PM 01/18/2038","serial number":"01 FD 6D 30 FC A3 CA 51 A8 1B BC 64 0E 35 03 2D","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E"}] IT
1552050000 2019-03-08 13:00:00 eda26a1cd80aac1c42cdbba9af813d9c4bc81f6052080bc33435d1e076e75aa0 PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1254264 46 TR/LockerGoga.biysb,a variant of Win32/Filecoder.LockerGoga.C,Trojan.TR/LockerGoga.biysb,Trojan-Ransom.LockerGoga,Ransom.LockerGoga,Ransom.LockerGoga!1.B635 (CLOUD) "ALISA LTD; Sectigo RSA Code Signing CA; USERTrust Secure™" [{"status":"Trust for this certificate or one of the certificates in the certificate chain has been revoked.","valid usage":"Code Signing","name":"ALISA LTD","algorithm":"sha256RSA","valid from":"12:00 AM 02/22/2019","valid to":"11:59 PM 02/21/2020","serial number":"5D A1 73 EB 1A C7 63 40 AC 05 8E 1F F4 BF 5E 1B","cert issuer":"Sectigo RSA Code Signing CA","thumbprint":"ACB38D45108C4F0C8894040646137C95E9BB39D8"},{"status":"Valid","valid usage":"Code Signing, Timestamp Signing","name":"Sectigo RSA Code Signing CA","algorithm":"sha384RSA","valid from":"12:00 AM 11/02/2018","valid to":"11:59 PM 12/31/2030","serial number":"1D A2 48 30 6F 9B 26 18 D0 82 E0 96 7D 33 D3 6A","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"94C95DA1E850BD85209A4A2AF3E1FB1604F9BB66"},{"status":"Valid","valid usage":"Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User","name":"USERTrust Secure™","algorithm":"sha384RSA","valid from":"12:00 AM 02/01/2010","valid to":"11:59 PM 01/18/2038","serial number":"01 FD 6D 30 FC A3 CA 51 A8 1B BC 64 0E 35 03 2D","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E"}] CH
1552050000 2019-03-08 13:00:00 eda26a1cd80aac1c42cdbba9af813d9c4bc81f6052080bc33435d1e076e75aa0 PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1254264 46 TR/LockerGoga.biysb,a variant of Win32/Filecoder.LockerGoga.C,Trojan.TR/LockerGoga.biysb,Trojan-Ransom.LockerGoga,Ransom.LockerGoga,Ransom.LockerGoga!1.B635 (CLOUD) "ALISA LTD; Sectigo RSA Code Signing CA; USERTrust Secure™" [{"status":"Trust for this certificate or one of the certificates in the certificate chain has been revoked.","valid usage":"Code Signing","name":"ALISA LTD","algorithm":"sha256RSA","valid from":"12:00 AM 02/22/2019","valid to":"11:59 PM 02/21/2020","serial number":"5D A1 73 EB 1A C7 63 40 AC 05 8E 1F F4 BF 5E 1B","cert issuer":"Sectigo RSA Code Signing CA","thumbprint":"ACB38D45108C4F0C8894040646137C95E9BB39D8"},{"status":"Valid","valid usage":"Code Signing, Timestamp Signing","name":"Sectigo RSA Code Signing CA","algorithm":"sha384RSA","valid from":"12:00 AM 11/02/2018","valid to":"11:59 PM 12/31/2030","serial number":"1D A2 48 30 6F 9B 26 18 D0 82 E0 96 7D 33 D3 6A","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"94C95DA1E850BD85209A4A2AF3E1FB1604F9BB66"},{"status":"Valid","valid usage":"Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User","name":"USERTrust Secure™","algorithm":"sha384RSA","valid from":"12:00 AM 02/01/2010","valid to":"11:59 PM 01/18/2038","serial number":"01 FD 6D 30 FC A3 CA 51 A8 1B BC 64 0E 35 03 2D","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E"}] AR
1552050000 2019-03-08 13:00:00 eda26a1cd80aac1c42cdbba9af813d9c4bc81f6052080bc33435d1e076e75aa0 PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1254264 46 TR/LockerGoga.biysb,a variant of Win32/Filecoder.LockerGoga.C,Trojan.TR/LockerGoga.biysb,Trojan-Ransom.LockerGoga,Ransom.LockerGoga,Ransom.LockerGoga!1.B635 (CLOUD) "ALISA LTD; Sectigo RSA Code Signing CA; USERTrust Secure™" [{"status":"Trust for this certificate or one of the certificates in the certificate chain has been revoked.","valid usage":"Code Signing","name":"ALISA LTD","algorithm":"sha256RSA","valid from":"12:00 AM 02/22/2019","valid to":"11:59 PM 02/21/2020","serial number":"5D A1 73 EB 1A C7 63 40 AC 05 8E 1F F4 BF 5E 1B","cert issuer":"Sectigo RSA Code Signing CA","thumbprint":"ACB38D45108C4F0C8894040646137C95E9BB39D8"},{"status":"Valid","valid usage":"Code Signing, Timestamp Signing","name":"Sectigo RSA Code Signing CA","algorithm":"sha384RSA","valid from":"12:00 AM 11/02/2018","valid to":"11:59 PM 12/31/2030","serial number":"1D A2 48 30 6F 9B 26 18 D0 82 E0 96 7D 33 D3 6A","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"94C95DA1E850BD85209A4A2AF3E1FB1604F9BB66"},{"status":"Valid","valid usage":"Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User","name":"USERTrust Secure™","algorithm":"sha384RSA","valid from":"12:00 AM 02/01/2010","valid to":"11:59 PM 01/18/2038","serial number":"01 FD 6D 30 FC A3 CA 51 A8 1B BC 64 0E 35 03 2D","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E"}] ES
1552180000 2019-03-10 1:06:40 0e874661b6bc116f18230dd6b50f792a944f4ba8e3f58edf1f128517ce8d44ee RAR archive data, v20, 460453 25 TR/LockerGoga.biysb,a variant of Win32/Filecoder.LockerGoga.C,Trojan-Ransom.LockerGoga,Ransom.LockerGoga!1.B635 (CLOUD) HU
1552250000 2019-03-10 20:33:20 ba15c27f26265f4b063b65654e9d7c248d0d651919fafb68cb4765d1e057f93f PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1249144 37 TR/LockerGoga.arvsg,Win32/Filecoder.LockerGoga.D,Trojan.TR/LockerGoga.arvsg,Trojan-Ransom.LockerGoga,Ransom.LockerGoga,Ransom.Win32.LOCKERGOGA.THCAAAI,Ransom.Win32.LOCKERGOGA.THCAAAI "ALISA LTD; Sectigo RSA Code Signing CA; USERTrust Secure™" [{"status":"Valid","valid usage":"Code Signing","name":"ALISA LTD","algorithm":"sha256RSA","valid from":"12:00 AM 02/22/2019","valid to":"11:59 PM 02/21/2020","serial number":"5D A1 73 EB 1A C7 63 40 AC 05 8E 1F F4 BF 5E 1B","cert issuer":"Sectigo RSA Code Signing CA","thumbprint":"ACB38D45108C4F0C8894040646137C95E9BB39D8"},{"status":"Valid","valid usage":"Code Signing, Timestamp Signing","name":"Sectigo RSA Code Signing CA","algorithm":"sha384RSA","valid from":"12:00 AM 11/02/2018","valid to":"11:59 PM 12/31/2030","serial number":"1D A2 48 30 6F 9B 26 18 D0 82 E0 96 7D 33 D3 6A","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"94C95DA1E850BD85209A4A2AF3E1FB1604F9BB66"},{"status":"Valid","valid usage":"Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User","name":"USERTrust Secure™","algorithm":"sha384RSA","valid from":"12:00 AM 02/01/2010","valid to":"11:59 PM 01/18/2038","serial number":"01 FD 6D 30 FC A3 CA 51 A8 1B BC 64 0E 35 03 2D","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E"}] CA
1552250000 2019-03-10 20:33:20 ba15c27f26265f4b063b65654e9d7c248d0d651919fafb68cb4765d1e057f93f PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1249144 37 TR/LockerGoga.arvsg,Win32/Filecoder.LockerGoga.D,Trojan.TR/LockerGoga.arvsg,Trojan-Ransom.LockerGoga,Ransom.LockerGoga,Ransom.Win32.LOCKERGOGA.THCAAAI,Ransom.Win32.LOCKERGOGA.THCAAAI "ALISA LTD; Sectigo RSA Code Signing CA; USERTrust Secure™" [{"status":"Valid","valid usage":"Code Signing","name":"ALISA LTD","algorithm":"sha256RSA","valid from":"12:00 AM 02/22/2019","valid to":"11:59 PM 02/21/2020","serial number":"5D A1 73 EB 1A C7 63 40 AC 05 8E 1F F4 BF 5E 1B","cert issuer":"Sectigo RSA Code Signing CA","thumbprint":"ACB38D45108C4F0C8894040646137C95E9BB39D8"},{"status":"Valid","valid usage":"Code Signing, Timestamp Signing","name":"Sectigo RSA Code Signing CA","algorithm":"sha384RSA","valid from":"12:00 AM 11/02/2018","valid to":"11:59 PM 12/31/2030","serial number":"1D A2 48 30 6F 9B 26 18 D0 82 E0 96 7D 33 D3 6A","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"94C95DA1E850BD85209A4A2AF3E1FB1604F9BB66"},{"status":"Valid","valid usage":"Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User","name":"USERTrust Secure™","algorithm":"sha384RSA","valid from":"12:00 AM 02/01/2010","valid to":"11:59 PM 01/18/2038","serial number":"01 FD 6D 30 FC A3 CA 51 A8 1B BC 64 0E 35 03 2D","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E"}] IT
1552420000 2019-03-12 19:46:40 7bcd69b3085126f7e97406889f78ab74e87230c11812b79406d723a80c08dd26 PE32 executable for MS Windows (GUI) Intel 80386 32-bit 1249144 36 TR/LockerGoga.eipdo,Win32/Filecoder.LockerGoga.D,Trojan.TR/LockerGoga.eipdo,W32/Filecoder_LockerGoga.D!tr,Trojan-Ransom.LockerGoga,Ransom.LockerGoga,Ransom.LockerGoga!1.B635 (CLASSIC) "ALISA LTD; Sectigo RSA Code Signing CA; USERTrust Secure™" [{"status":"Valid","valid usage":"Code Signing","name":"ALISA LTD","algorithm":"sha256RSA","valid from":"12:00 AM 02/22/2019","valid to":"11:59 PM 02/21/2020","serial number":"5D A1 73 EB 1A C7 63 40 AC 05 8E 1F F4 BF 5E 1B","cert issuer":"Sectigo RSA Code Signing CA","thumbprint":"ACB38D45108C4F0C8894040646137C95E9BB39D8"},{"status":"Valid","valid usage":"Code Signing, Timestamp Signing","name":"Sectigo RSA Code Signing CA","algorithm":"sha384RSA","valid from":"12:00 AM 11/02/2018","valid to":"11:59 PM 12/31/2030","serial number":"1D A2 48 30 6F 9B 26 18 D0 82 E0 96 7D 33 D3 6A","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"94C95DA1E850BD85209A4A2AF3E1FB1604F9BB66"},{"status":"Valid","valid usage":"Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User","name":"USERTrust Secure™","algorithm":"sha384RSA","valid from":"12:00 AM 02/01/2010","valid to":"11:59 PM 01/18/2038","serial number":"01 FD 6D 30 FC A3 CA 51 A8 1B BC 64 0E 35 03 2D","cert issuer":"USERTrust RSA Certification Authority","thumbprint":"2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E"}] NL
1552420000 2019-03-12 19:46:40 b686c88bce6629088ce1044b30ad1d5b978fd754601b8b463bc1f611b01d05d7 ASCII English text, with CRLF line terminators 1428 1 Win32/Filecoder.LockerGoga NL
1552970000 2019-03-19 4:33:20 ec52b27743056ef6182bc58d639f477f9aab645722f8707300231fd13a4aa51f Zip archive data, at least v2.0 to extract 580460 12 Gen:Variant.Ransom.LockerGoga.4,Trojan.Ransom.LockerGoga.4,Gen:Variant.Ransom.LockerGoga.4,a variant of Win32/Filecoder.LockerGoga.D,Gen:Variant.Ransom.LockerGoga.4,Gen:Variant.Ransom.LockerGoga.4,Ransom.LockerGoga!1.B635 (CLASSIC) NO
1552980000 2019-03-19 7:20:00 7a059301a1c6198bb3a2cb2ae8cd358486f806ea1b202c4ca8613846a9c3cc64 Zip archive data, at least v2.0 to extract 580460 12 Gen:Variant.Ransom.LockerGoga.4,Trojan.Ransom.LockerGoga.4,Gen:Variant.Ransom.LockerGoga.4,a variant of Win32/Filecoder.LockerGoga.D,Gen:Variant.Ransom.LockerGoga.4,Gen:Variant.Ransom.LockerGoga.4,Ransom.LockerGoga!1.B635 (CLASSIC) NO
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.