Merge branch 'MISP:main' into main

README.md

@@ -485,9 +485,9 @@ Category: *actor* - source: *MISP Project* - total: *33* elements
 
 ## Ransomware
 
-[Ransomware](https://www.misp-galaxy.org/ransomware) - Ransomware galaxy based on https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml and http://pastebin.com/raw/GHgpWjar
+[Ransomware](https://www.misp-galaxy.org/ransomware) - Ransomware galaxy based on different sources and maintained by the MISP Project.
 
-Category: *tool* - source: *Various* - total: *1799* elements
+Category: *tool* - source: *Various* - total: *1801* elements
 
 [[HTML](https://www.misp-galaxy.org/ransomware)] - [[JSON](https://github.com/MISP/misp-galaxy/blob/main/clusters/ransomware.json)]
 

clusters/ransomware.json

@@ -3,10 +3,11 @@
     "https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml",
     "http://pastebin.com/raw/GHgpWjar",
     "MISP Project",
-    "https://id-ransomware.blogspot.com/2016/07/ransomware-list.html"
+    "https://id-ransomware.blogspot.com/2016/07/ransomware-list.html",
+    "ransomlook.io"
   ],
   "category": "tool",
-  "description": "Ransomware galaxy based on https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml and http://pastebin.com/raw/GHgpWjar",
+  "description": "Ransomware galaxy based on different sources and maintained by the MISP Project.",
   "name": "Ransomware",
   "source": "Various",
   "type": "ransomware",
@@ -28151,7 +28152,8 @@
           "http://3slz4povugieoi3tw7sblxoowxhbzxeju427cffsst5fo2tizepwatid.onion",
           "http://h3reihqb2y7woqdary2g3bmk3apgtxuyhx4j2ftovbhe3l5svev7bdyd.onion",
           "http://h3reihqb2y7woqdary2g3bmk3apgtxuyhx4j2ftovbhe3l5svev7bdyd.onion/stm.html",
-          "http://pdcizqzjitsgfcgqeyhuee5u6uki6zy5slzioinlhx6xjnsw25irdgqd.onion"
+          "http://pdcizqzjitsgfcgqeyhuee5u6uki6zy5slzioinlhx6xjnsw25irdgqd.onion",
+          "http://6sf5xa7eso3e3vk46i5tpcqhnlayczztj7zjktzaztlotyy75zs6j7qd.onion"
         ],
         "refs": [
           "https://www.ransomlook.io/group/stormous"
@@ -28414,7 +28416,8 @@
       "meta": {
         "links": [
           "https://hunters55rdxciehoqzwv7vgyv6nt37tbwax2reroyzxhou7my5ejyid.onion",
-          "https://hunters33mmcwww7ek7q5ndahul6nmzmrsumfs6aenicbqon6mxfiqyd.onion/login"
+          "https://hunters33mmcwww7ek7q5ndahul6nmzmrsumfs6aenicbqon6mxfiqyd.onion/login",
+          "https://huntersinternational.net"
         ],
         "refs": [
           "https://www.ransomlook.io/group/hunters"
@@ -29472,7 +29475,11 @@
         "links": [
           "http://e27z5kd2rjsern2gpgukhcioysqlfquxgf7rxpvcwepxl4lfc736piyd.onion",
           "http://cybertube.video/web/index.html#!/details?id=0c3b52f6e73709725dc6e12b30b139d9&serverId=2be5e68176ff4f8fbb930fe66321ab72",
-          "http://e27z5kd2rjsern2gpgukhcioysqlfquxgf7rxpvcwepxl4lfc736piyd.onion/back/getallblogs"
+          "http://e27z5kd2rjsern2gpgukhcioysqlfquxgf7rxpvcwepxl4lfc736piyd.onion/back/getallblogs",
+          "http://dispossessor.com",
+          "http://dispossessor-cloud.com",
+          "http://cybernewsint.com",
+          "http://redhotcypher.com"
         ],
         "refs": [
           "https://www.ransomlook.io/group/dispossessor"
@@ -29595,7 +29602,31 @@
       },
       "uuid": "5cc68850-aeb0-507f-a981-9457bcf37c0c",
       "value": "rtm locker"
+    },
+    {
+      "meta": {
+        "links": [
+          "http://radar.ltd"
+        ],
+        "refs": [
+          "https://www.ransomlook.io/group/radar"
+        ]
+      },
+      "uuid": "0b0e39f8-1a22-58da-98ea-96f4819a68fa",
+      "value": "radar"
+    },
+    {
+      "meta": {
+        "links": [
+          "http://onyxcgfg4pjevvp5h34zvhaj45kbft3dg5r33j5vu3nyp7xic3vrzvad.onion/"
+        ],
+        "refs": [
+          "https://www.ransomlook.io/group/helldown"
+        ]
+      },
+      "uuid": "1fe17577-91bb-581b-8189-c61f05cf35aa",
+      "value": "helldown"
     }
   ],
-  "version": 130
+  "version": 131
 }