[ MALWARE MUTEX INTELLIGENCE DATABASE ]
 ███████╗██╗   ██╗██╗██╗         ███╗   ███╗██╗   ██╗████████╗███████╗██╗  ██╗
 ██╔════╝██║   ██║██║██║         ████╗ ████║██║   ██║╚══██╔══╝██╔════╝╚██╗██╔╝
█████╗  ██║   ██║██║██║         ██╔████╔██║██║   ██║   ██║   █████╗   ╚███╔╝
██╔══╝  ╚██╗ ██╔╝██║██║         ██║╚██╔╝██║██║   ██║   ██║   ██╔══╝   ██╔██╗
 ███████╗ ╚████╔╝ ██║███████╗    ██║ ╚═╝ ██║╚██████╔╝   ██║   ███████╗██╔╝ ██╗
 ╚══════╝  ╚═══╝  ╚═╝╚══════╝    ╚═╝     ╚═╝ ╚═════╝    ╚═╝   ╚══════╝╚═╝  ╚═╝

Advanced Malware Analysis & Threat Intelligence

06:17:10
[ALL_FAMILIES]

Crytox

ransomware2 mutex signatures

[BASIC_INFORMATION]

FAMILY_NAME:
Crytox
CATEGORY:
RANSOMWARE
DESCRIPTION:
Crytox is a ransomware family that has been observed in various cybercriminal campaigns. The malware is designed to encrypt files on victim systems and demand payment for decryption. It employs sophisticated encryption techniques and has been analyzed for its chaotic encryption patterns and multi-stage attack capabilities.
ALIASES:
Crytox Ransomware
TAGS:
file_encryptionextortioncybercriminalchaotic_encryptionmulti_stage

[MUTEX_SIGNATURES](2)

[MUTEX_01]
itkd<4_characters_generated_based_on_targetPID>
ANALYST: @adhikara13 DATE: 2024-07-16
REFERENCES:
https://labs.k7computing.com/index.php/encrypted-chaos-analysis-of-crytox-ransomware/
https://www.trendmicro.com/vinfo/jp/threat-encyclopedia/malware/ransom.win64.crytox.a
[MUTEX_02]
CSWS<4_characters_generated_based_on_targetPID>
ANALYST: @adhikara13 DATE: 2024-07-16
REFERENCES:
https://www.zscaler.com/blogs/security-research/technical-analysis-crytox-ransomware

[QUICK_ACTIONS]

[THREAT_INTELLIGENCE]

ATTRIBUTION:
Unknown
FIRST_OBSERVED:
2024

[SIGMA_RULE]

[STATISTICS]
MUTEX_COUNT:2
THREAT_ACTORS:1
ALIASES:1
TAGS:5
CATEGORY:RANSOMWARE
 Malware profile loaded successfully 
 EvilMutex Project v1.0.0 
 Open Source Threat Intelligence Database 
[GITHUB][DOCS]