add ransomwares

This commit is contained in:
Deborah Servili 2018-12-12 09:27:27 +01:00
parent bf77e1125a
commit 3183a4d1ff
No known key found for this signature in database
GPG key ID: 7E3A832850D4D7D1

View file

@ -3295,7 +3295,9 @@
".fire", ".fire",
".myjob", ".myjob",
".[cyberwars@qq.com].war", ".[cyberwars@qq.com].war",
".risk" ".risk",
".RISK",
".bkpx"
], ],
"ransomnotes": [ "ransomnotes": [
"README.txt", "README.txt",
@ -6893,6 +6895,15 @@
"http://www.bleepingcomputer.com/news/security/new-python-ransomware-called-holycrypt-discovered/" "http://www.bleepingcomputer.com/news/security/new-python-ransomware-called-holycrypt-discovered/"
] ]
}, },
"related": [
{
"dest-uuid": "d3337bec-fd4e-11e8-a3ad-e799cc59c59c",
"tags": [
"estimative-language:likelihood-probability=\"likely\""
],
"type": "similar"
}
],
"uuid": "c71819a4-f6ce-4265-b0cd-24a98d84321c", "uuid": "c71819a4-f6ce-4265-b0cd-24a98d84321c",
"value": "HolyCrypt" "value": "HolyCrypt"
}, },
@ -10020,7 +10031,8 @@
".bomber", ".bomber",
".CRYPTO", ".CRYPTO",
".lolita", ".lolita",
".stevenseagal@airmail.cc" ".stevenseagal@airmail.cc",
".lol"
], ],
"ransomnotes": [ "ransomnotes": [
"IF YOU WANT TO GET ALL YOUR FILES BACK, PLEASE READ THIS.TXT", "IF YOU WANT TO GET ALL YOUR FILES BACK, PLEASE READ THIS.TXT",
@ -10034,7 +10046,8 @@
"https://www.bleepstatic.com/images/news/columns/week-in-ransomware/2018/september/14/Scarab-ransomware.jpg", "https://www.bleepstatic.com/images/news/columns/week-in-ransomware/2018/september/14/Scarab-ransomware.jpg",
"https://www.bleepstatic.com/images/news/columns/week-in-ransomware/2018/november/23/DsnFZrGX4AE2H1c[1].jpg", "https://www.bleepstatic.com/images/news/columns/week-in-ransomware/2018/november/23/DsnFZrGX4AE2H1c[1].jpg",
"_How to restore files.TXT", "_How to restore files.TXT",
"https://www.bleepstatic.com/images/news/columns/week-in-ransomware/2018/november/30/Ds8PMFpW0AIcYuJ[1].jpg" "https://www.bleepstatic.com/images/news/columns/week-in-ransomware/2018/november/30/Ds8PMFpW0AIcYuJ[1].jpg",
"https://www.bleepstatic.com/images/news/columns/week-in-ransomware/2018/december/7/DtzAAIAW0AEHC86[1].jpg"
], ],
"refs": [ "refs": [
"https://www.bleepingcomputer.com/news/security/scarab-ransomware-pushed-via-massive-spam-campaign/", "https://www.bleepingcomputer.com/news/security/scarab-ransomware-pushed-via-massive-spam-campaign/",
@ -11507,7 +11520,99 @@
}, },
"uuid": "b2aa807d-98fa-48e4-927b-4e81a50736e5", "uuid": "b2aa807d-98fa-48e4-927b-4e81a50736e5",
"value": "WeChat Ransom" "value": "WeChat Ransom"
},
{
"meta": {
"extensions": [
".israbye"
],
"ransomnotes": [
"https://www.bleepstatic.com/images/news/columns/week-in-ransomware/2018/december/7/Dtlxf0eW4AAJCdZ[1].jpg",
"https://pbs.twimg.com/media/DtlxfFsW4AAs-Co.jpg"
],
"refs": [
"https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-7th-2018-wechat-ransomware-scammers-and-more/",
"https://www.youtube.com/watch?v=QevoUzbqNTQ",
"https://twitter.com/GrujaRS/status/1070011234521673728"
]
},
"uuid": "3ade75c8-6ef7-4c54-84d0-cab0161d3415",
"value": "IsraBye"
},
{
"meta": {
"extensions": [
"prepend (encrypted)"
],
"ransomnotes": [
"https://www.bleepstatic.com/images/news/columns/week-in-ransomware/2018/december/7/DtkQKCDWoAM13kD[1].jpg"
],
"refs": [
"https://twitter.com/struppigel/status/1069905624954269696",
"https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-7th-2018-wechat-ransomware-scammers-and-more/"
],
"related": [
{
"dest-uuid": "c71819a4-f6ce-4265-b0cd-24a98d84321c",
"tags": [
"estimative-language:likelihood-probability=\"likely\""
],
"type": "similar"
}
]
},
"uuid": "d3337bec-fd4e-11e8-a3ad-e799cc59c59c",
"value": "Dablio Ransomware"
},
{
"meta": {
"extensions": [
".XY6LR"
],
"ransomnotes": [
"https://pbs.twimg.com/media/Dtz4PD2WoAIWtRv.jpg",
"DECRYPT.txt"
],
"refs": [
"https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-7th-2018-wechat-ransomware-scammers-and-more/",
"https://twitter.com/petrovic082/status/1071003939015925760"
]
},
"uuid": "3bcc725f-6b89-4350-ad79-f50daa30f74e",
"value": "Gerber Ransomware 1.0"
},
{
"uuid": "54240144-05c2-43f0-8386-4301a85330bb",
"value": "Gerber Ransomware 3.0"
},
{
"meta": {
"extensions": [
".protected"
],
"ransomnotes": [
"https://www.bleepstatic.com/images/news/columns/week-in-ransomware/2018/december/7/Dt1_DpMXcAMC8J_[1].jpg"
],
"refs": [
"https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-7th-2018-wechat-ransomware-scammers-and-more/",
"https://twitter.com/GrujaRS/status/1071153192975642630",
"https://www.youtube.com/watch?v=iB019lDvArs"
]
},
"uuid": "9ebfa028-a9dd-46ec-a915-1045fb297824",
"value": "Outsider"
},
{
"description": "Uses http://ccrypt.sourceforge.net/ encryption program",
"meta": {
"refs": [
"https://twitter.com/demonslay335/status/1071123090564923393",
"https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-7th-2018-wechat-ransomware-scammers-and-more/"
]
},
"uuid": "23fcbbf1-93ee-4baf-9082-67ca26553643",
"value": "JungleSec"
} }
], ],
"version": 45 "version": 46
} }