mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-12-02 11:47:18 +00:00
add qwertyransomware
This commit is contained in:
parent
5fa09c0962
commit
37a0b96a7b
1 changed files with 16 additions and 2 deletions
|
@ -9325,13 +9325,27 @@
|
||||||
"Vagger",
|
"Vagger",
|
||||||
"DONTSLIP"
|
"DONTSLIP"
|
||||||
]
|
]
|
||||||
}
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "Qwerty Ransomware",
|
||||||
|
"description": "A new ransomware has been discovered that utilizes the legitimate GnuPG, or GPG, encryption program to encrypt a victim's files. Currently in the wild, this ransomware is called Qwerty Ransomware and will encrypt a victims files, overwrite the originals, and the append the .qwerty extension to an encrypted file's name.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.bleepingcomputer.com/news/security/qwerty-ransomware-utilizes-gnupg-to-encrypt-a-victims-files/"
|
||||||
|
],
|
||||||
|
"ransomnotes": [
|
||||||
|
"Your computer is encrypted . Mail cryz1@protonmail.com . Send your ID 5612.\nNote! You have only 72 hours for write on e-mail (see below) or all your files will be lost!",
|
||||||
|
"README_DECRYPT.txt"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "15c370c0-2799-11e8-a959-57cdcd57e3bf"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"source": "Various",
|
"source": "Various",
|
||||||
"uuid": "10cf658b-5d32-4c4b-bb32-61760a640372",
|
"uuid": "10cf658b-5d32-4c4b-bb32-61760a640372",
|
||||||
"name": "Ransomware",
|
"name": "Ransomware",
|
||||||
"version": 6,
|
"version": 7,
|
||||||
"type": "ransomware",
|
"type": "ransomware",
|
||||||
"description": "Ransomware galaxy based on https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml and http://pastebin.com/raw/GHgpWjar"
|
"description": "Ransomware galaxy based on https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml and http://pastebin.com/raw/GHgpWjar"
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue