Avaddon is a ransomware family whose name translates to Abaddon, meaning doom or destruction. It encrypts user data using AES-256 + RSA-2048, and then demands a ransom of $150 to $350 or more in BTC in order to return the files. Abaddon is the Angel of the Abyss, commanding the legions of locusts. "Avaddon" in Hebrew means "place of death" or "depth of hell." The name is mentioned in various literary works.
It spread via malspam. The theme of these messages is very simple: all contain various subject lines that attempt to entice the recipient to open a "photo", along with a wink emoji in the body of the email.
Avaddon Malspam Attachment Signatures
Family: TrojanDownloader:PowerShell/Ploprolo.A
MD5: 06072312768ba47c162d2aead14bb170
SHA256: cc4d665c468bcb850baf9baab764bb58e8b0ddcb8a8274b6335db5af86af72fb
Avaddon Dropper Signatures
Family: Ransom:Win32/Avaddon.PA!MTB
MD5: c9ec0d9ff44f445ce5614cc87398b38d
SHA256: 05af0cf40590aef24b28fa04c6b4998b7ab3b7f26e60c507adb84f3d837778f2