Entropy

Known to use a Captcha to block crawling.

Description

Entropy is a ransomware first seen in 1st quarter of 2022, is being used in conjunction of Dridex infection. The ransomware uses a custom packer to pack itself which has been seen in some early dridex samples.

External Analysis
https://killingthebear.jorgetesta.tech/actors/evil-corp
https://news.sophos.com/en-us/2022/02/23/dridex-bots-deliver-entropy-ransomware-in-recent-attacks/
https://news.sophos.com/en-us/2022/02/23/dridex-bots-deliver-entropy-ransomware-in-recent-attacks/?cmp=30728
https://news.sophos.com/en-us/2022/03/17/the-ransomware-threat-intelligence-center/
Urls
Screen
http://leaksv7sroztl377bbohzl42i3ddlfsxopcb6355zc7olzigedm5agad.onion/posts
File servers
Screen
Chat servers
Screen