'Blue Locker' Analysis: Ransomware Targeting Oil & Gas Sector In Pakistan

This week, Pakistan’s National Cyber Emergency Response Team (NCERT) issued an advisory to 39 key ministries and institutions, warning them of a “severe risk” posed by the ongoing ‘Blue Locker’ malware attacks. An NCERT spokesperson confirmed on Sunday that a few Pakistani organizations have been affected by the ransomware.

Resecurity has acquired binary samples of the “Blue Locker” ransomware and provides a detailed reverse engineering analysis in this report. Because information about this activity is limited, the goal is to raise awareness within the cybersecurity community and give network defenders additional insights.

Indicator of Compromise (IOC)

Besides the IOCs shared by NCERT, Resecurity acquired additional artifacts that may be useful in “Blue Locker” ransomware detection:

  • d3cc6cc4538d57f2d1f8a9d46a3e8be73ed849f7fe37d1d969c0377cf1d0fadc
  • e6bd4ed287d1336206f5b4b65011e570267418799eb60c2d0d7496d5d9e95a33
  • 6eeb20cc709a18bf8845f7b678967b7f0ff96475cf51a261da87244886bbfd2e
  • 515bd71a8b3c2bce7b40b89ddfe2e94d332b0779d569c58117f8dcdcb8a91ed9

To read the complete article, see: Blue Locker Analysis: Ransomware Targeting Oil & Gas Sector In Pakistan.

This post is licensed under CC BY 4.0 by the author.