Merge pull request #198 from Delta-Sierra/master

add Xiaoba
2024-11-23 07:17:17 +00:00 · 2018-04-20 10:37:35 +02:00 · 2018-04-20 10:37:35 +02:00 · 01b05f66aa
commit 01b05f66aa
parent 9962254e82 f95f7b6057
1 changed files with 58 additions and 1 deletions
--- a/clusters/ransomware.json
+++ b/clusters/ransomware.json
@ -9549,12 +9549,69 @@
        ]
      },
      "uuid": "449e18b0-43d1-11e8-847e-0fed641732a1"
    },
    {
      "value": "XiaoBa ransomware",
      "meta": {
        "refs": [
          "https://www.bleepingcomputer.com/news/security/xiaoba-ransomware-retooled-as-coinminer-but-manages-to-ruin-your-files-anyway/",
          "https://twitter.com/malwrhunterteam/status/923847744137154560",
          "https://twitter.com/struppigel/status/926748937477939200",
          "https://twitter.com/demonslay335/status/968552114787151873"
        ],
        "extensions": [
          ".Encrypted[BaYuCheng@yeah.net].XiaBa",
          ".XiaoBa1",
          ".XiaoBa2",
          ".XiaoBa3",
          ".XiaoBa4",
          ".XiaoBa5",
          ".XiaoBa6",
          ".XiaoBa7",
          ".XiaoBa8",
          ".XiaoBa9",
          ".XiaoBa10",
          ".XiaoBa11",
          ".XiaoBa12",
          ".XiaoBa13",
          ".XiaoBa14",
          ".XiaoBa15",
          ".XiaoBa16",
          ".XiaoBa17",
          ".XiaoBa18",
          ".XiaoBa19",
          ".XiaoBa20",
          ".XiaoBa21",
          ".XiaoBa22",
          ".XiaoBa23",
          ".XiaoBa24",
          ".XiaoBa25",
          ".XiaoBa26",
          ".XiaoBa27",
          ".XiaoBa28",
          ".XiaoBa29",
          ".XiaoBa30",
          ".XiaoBa31",
          ".XiaoBa32",
          ".XiaoBa33",
          ".XiaoBa34"
        ],
        "ransomnotes": [
          "https://pbs.twimg.com/media/DNIoIFuX4AAce7J.jpg",
          "https://pbs.twimg.com/media/DNx5Of-X0AASVda.jpg",
          "_@XiaoBa@_.bmp",
          "_@Explanation@_.hta",
          "_XiaoBa_Info_.hta",
          "_XiaoBa_Info_.bmp"
        ]
      },
      "uuid": "ef094aa6-4465-11e8-81ce-739cce28650b"
    }
  ],
  "source": "Various",
  "uuid": "10cf658b-5d32-4c4b-bb32-61760a640372",
  "name": "Ransomware",
-  "version": 16,
+  "version": 17,
  "type": "ransomware",
  "description": "Ransomware galaxy based on https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml and http://pastebin.com/raw/GHgpWjar"
 }