From f50ce73d12ff9fe4ad1c3a549843f91f40704325 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Thu, 10 Oct 2024 20:37:16 +0200 Subject: [PATCH] chg: [ransomware] updated --- clusters/ransomware.json | 108 +++++++++++++++++++++++++++++++++++---- 1 file changed, 99 insertions(+), 9 deletions(-) diff --git a/clusters/ransomware.json b/clusters/ransomware.json index 5980df9..cb71b77 100644 --- a/clusters/ransomware.json +++ b/clusters/ransomware.json @@ -16079,7 +16079,13 @@ "description": "Ransomware", "meta": { "links": [ - "http://black3gnkizshuynieigw6ejgpblb53mpasftzd6pydqpmq2vn2xf6yd.onion" + "http://black3gnkizshuynieigw6ejgpblb53mpasftzd6pydqpmq2vn2xf6yd.onion", + "http://4qyjonpyksc52bc3fsgfgedssqgo4a6vlfsjknqnkncbyl4layqkqjid.onion/", + "http://eleav2eq3ioyiuevbyvqaz3vruwvpislphszo4cm7n56itbpnupxngyd.onion/", + "http://2cyxmof76rxeqze5snxxooqmhzjtcploqswxoxmenfayphumdhrtrzqd.onion/", + "http://rqqn25k3hgmfkh7ykjbmakjgidwweomr7cbpy6pfecpxs57r5iwzwtyd.onion/", + "http://mu6se7h7qfwuqclr4cc6zy7qevod6gyk37aq5vwnayrtbx3qqycx2fyd.onion/", + "http://urey23jtg6z7xx3tiybmc4sgcim7dawiz2abl6crpup2lfobf7yb5wyd.onion/" ], "refs": [ "https://www.ransomlook.io/group/blackout" @@ -26757,7 +26763,8 @@ ], "links": [ "http://omegalock5zxwbhswbisc42o2q2i54vdulyvtqqbudqousisjgc7j7yd.onion/", - "https://0mega.cc/" + "https://0mega.cc/", + "https://0mega.ws/" ], "ransomnotes-filenames": [ "DECRYPT-FILES.txt" @@ -28550,7 +28557,8 @@ "meta": { "links": [ "http://basemmnnqwxevlymli5bs36o5ynti55xojzvn246spahniugwkff2pad.onion/", - "http://xb6q2aggycmlcrjtbjendcnnwpmmwbosqaugxsqb4nx6cmod3emy7sad.onion" + "http://xb6q2aggycmlcrjtbjendcnnwpmmwbosqaugxsqb4nx6cmod3emy7sad.onion", + "http://92.118.36.204/" ], "refs": [ "https://www.ransomlook.io/group/8base" @@ -28654,7 +28662,34 @@ { "meta": { "links": [ - "http://3ev4metjirohtdpshsqlkrqcmxq6zu3d7obrdhglpy5jpbr7whmlfgqd.onion" + "http://3ev4metjirohtdpshsqlkrqcmxq6zu3d7obrdhglpy5jpbr7whmlfgqd.onion", + "http://ufvi7hpcawesdklmommeeq4iokhq2km4hay3dwh4rirth5xaomle35id.onion/", + "http://t7ogwvu74a6flssns55yv7zw2xvssqbhrdbxqrwbahumyzwklnvqayid.onion/", + "http://gmxnejtsg3uiwopmnsooxbi3p2nukwemkvm7bg44tgbbnuuuyofqjfyd.onion/", + "http://jtjz6utbmabwcatyomwxaeum7ey7nxs7yooqflxhctnksjqsnammonqd.onion/", + "http://2mhkqjcw4auxop7auchz2iijcbj63qccwodtokofbb2ul5oejkkt6xyd.onion/", + "http://wka7ma7rzgmzmtn65dhv5zp5p6e3uv5sydnns7xsf6kpf7noukhchhqd.onion/", + "http://l3yeoyhnphtymqua5env7qitedmqv5ahe7waxgndwa64z2c2h3cjjhqd.onion/", + "http://2j45tydxcvm44jbyr6krhx77rzey3jtif5qdjak2gik4usoljvvhqaid.onion/", + "http://cuft7z2xlfogrtx4ddqnjqyerye2qtagksow2fip4xbb5iw7dsgtvhqd.onion/", + "http://wyz32kscr2ythqpyjwqfxcaxn5576fdurr7jag44gggnmi4cvhykhvid.onion/", + "http://3pb6cefz6hubgyb2ph7ua7yjzjpxwapbbp5zomz7xmvrjhjfykjwu6id.onion/", + "http://kn4spxunete4ddz7375i2wpnj4vvkir7wdmcg2pc5yod56lmb54nbayd.onion/", + "http://2ikvareyuw2wjnc4vb5yteq7d2tkg6k3gevnixzqtkn3cpvej6ajj4yd.onion/", + "http://wflff64dxxqvfhd7poarkvkphmibdjyyhv7h4zqo5m52ggsgncmbrbqd.onion/", + "http://frheu6drsqpehmuyrdxdrfu5bzqwxps4zlmnuxlcnxskwxcwqsyhwxyd.onion/", + "http://kceqbaoxmx2czutxty3mq35m5mv46dq66hpszrhbhduj7uwhu6ax3qad.onion/", + "http://4nsmlpz4qceow7bfrmarxdqaj7chcqobin3mzb27uhscb2yvjs6j4xqd.onion/", + "http://nka6xgyyu77ksb5xmmovp4en2hrkg53mfq2osql526oe7nybnlggfgid.onion/", + "http://mflnjnwfinorxxsgkyfel3fqanbtbbrl5k5mqqjwmrf7o3jc6a4hy3id.onion/", + "http://jtt4lqatjtrj5hxxi33dczkluouf5wivzdmy4v62dnhipk6ixk5mktad.onion/", + "http://udugclljnfcx34amtpddkjggmkfqci5xnlfef2hqtxstufulo3pvauid.onion/", + "http://vmmefm7ktazj2bwtmy46o3wxhk42tctasyyqv6ymuzlivszteyhkkyad.onion/", + "http://cfev2mvlqooohl3af2upkgu3ju4qcgqrrgh6sprfxkgh3qldh2ykxzyd.onion/", + "http://2fzahjlleflpcyecd245xe3q6tczjkwzcm4fbhd4q4bsun45y2csyayd.onion/", + "http://wpefgvpyuszr4vg444qed734big233itylqclte7usszbdbfyqvb2lqd.onion/", + "http://gvzbeu532wwxqze3v3xcxpsbhpvwusnajzahi55dqklbunzgjp5wchad.onion/", + "http://ieelfdk3qr6as2u5cx3kfo57pdu6s77lis3lafg5lx5ljqf2izial6ad.onion/" ], "refs": [ "https://www.ransomlook.io/group/abyss-data" @@ -28928,7 +28963,20 @@ "links": [ "http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion/blog", "http://3pktcrcbmssvrnwe5skburdwe2h3v6ibdnn5kbjqihsg6eu6s6b7ryqd.onion/login", - "http://dragonforxxbp3awc7mzs5dkswrua3znqyx5roefmi4smjrsdi22xwqd.onion" + "http://dragonforxxbp3awc7mzs5dkswrua3znqyx5roefmi4smjrsdi22xwqd.onion", + "http://zsglo7t7osxyk3vcl7zxzup7hs4ir52sntteymmw63zvoxzcqytlw7qd.onion/", + "http://6dgi54prfmpuuolutr4hl3akasxbx4o34g5y2bj4blrvzzkjemhxenad.onion/", + "http://eogeko3sdn66gb7vjpwpmlmmmzfx7umtwaugpf5l6tb5jveolfydnuad.onion/", + "http://ewrxgpvv7wsrqq7itfwg5jr7lkc6zzknndmru5su2ugrowxo3wwy5yad.onion/", + "http://3ro23rujyigqrlrwk3e4keh3a3i6ntgrm3f42tbiqtf7vke47c6a6ayd.onion/", + "http://jziu7k7uee467r2wt66ndrwymmw7tsmqgcqi7aemcaxraqmaf2hdm3yd.onion/", + "http://2yczff6zyiey3gkgl5anwejktdp73abxbzbnvwobmrwkwgf3hudpyvyd.onion/", + "http://bpoowhokr3vi32l3t4mjdtdxfrfpigwachopk5ojwmgxihnojhsawuyd.onion/", + "http://dbvczza7nhwdb5kdvkzjtkrcvwnrt5viw7mihutueprvajy7rxhwq6id.onion/", + "http://xtcwd3xmxpggtizn7kmwwqeizexflkkyqsytg2kauccau6ddsfa4gfyd.onion/", + "http://4wcrfql53ljekid3sn66z6swjot725muveddq77utxltaelw64eikfid.onion/", + "http://73h3lxn24kuayyfkn4t6ij7e67jklo24vqzqdhpts3ygmim7hu6u6aid.onion/", + "http://nwtetzmrqhxieetg5lvth7szzvg35gfrqt23ly46vku56oo7pkueswyd.onion/" ], "refs": [ "https://www.ransomlook.io/group/dragonforce" @@ -28945,7 +28993,8 @@ "http://mjmru3yz65o5szsp4rmkmh4adlezcpy5tqjjc4y5z6lozk3nnz2da2ad.onion/", "http:// http://an2ce4pqpf2ipvba2djurxi5pnxxhu3uo7ackul6eafcundqtly7bhid.onion", "http://fpwwt67hm3mkt6hdavkfyqi42oo3vkaggvjj4kxdr2ivsbzyka5yr2qd.onion", - "http://an2ce4pqpf2ipvba2djurxi5pnxxhu3uo7ackul6eafcundqtly7bhid.onion" + "http://an2ce4pqpf2ipvba2djurxi5pnxxhu3uo7ackul6eafcundqtly7bhid.onion", + "http://xeuvs5poflczn5i5kbynb5rupmidb5zjuza6gaq22uqsdp3jvkjkciqd.onion/" ], "refs": [ "https://www.ransomlook.io/group/ransomhub" @@ -29362,7 +29411,9 @@ { "meta": { "links": [ - "https://apos.blog" + "https://apos.blog", + "http://yrz6bayqwhleymbeviter7ejccxm64sv2ppgqgderzgdhutozcbbhpqd.onion/rules", + "http://yrz6bayqwhleymbeviter7ejccxm64sv2ppgqgderzgdhutozcbbhpqd.onion/" ], "refs": [ "https://www.ransomlook.io/group/apos" @@ -29493,7 +29544,8 @@ { "meta": { "links": [ - "http://cicadabv7vicyvgz5khl7v2x5yygcgow7ryy6yppwmxii4eoobdaztqd.onion/" + "http://cicadabv7vicyvgz5khl7v2x5yygcgow7ryy6yppwmxii4eoobdaztqd.onion/", + "http://cicadacnft7gcgnveb7wjm6pjpjcjcsugogmlrat7u7pcel3iwb7bhyd.onion/" ], "refs": [ "https://www.ransomlook.io/group/cicada3301" @@ -29811,7 +29863,45 @@ }, "uuid": "9d7ca9df-c219-59fc-93fb-86f4606942ba", "value": "nitrogen" + }, + { + "meta": { + "links": [ + "http://sarcomawmawlhov7o5mdhz4eszxxlkyaoiyiy2b5iwxnds2dmb4jakad.onion", + "http://bi32pq7y3gqq3qacgvamnk2s2elnppvevqp325wtk2wo7vh2zavjcfid.onion/", + "http://54yjkjwjqbm74nchm6o6b4l775ws2hgesdopus5jvo3jx6ftj7zn7mid.onion/", + "http://ngvvafvhfgwknj63ivqjqdxc7b5fyedo67zshblipo5a2zuair5t4nid.onion/", + "http://icmghe66zl4twvbv5g4h532mogcea44hrkxtotrlx6aia5jslnnbnxad.onion/", + "http://lyz3i74psw6vkuxdjhkyxzy3226775qpzs6oage4zw6qj66ppdxma2qd.onion/", + "http://55lfxollcks2pvxbtg73vrpl3i7x4jnnrxfl6al6viamwngqlu4cxgyd.onion/", + "http://modre6n4hqm4seip2thhbjcfkcdcljhec7ekvd5qt7m7fhimpc2446qd.onion/", + "http://r3yes535gjsi2puoz2bvssl3ewygcfgwoji6wdk3grj3baexn2hha2id.onion/", + "http://pauppf2nuoqxwwqqshaehbkj54debl7bppacfm5h6z6zjoiejifezhad.onion/", + "http://iiobxrljnmjwb6l66bfvhin5zxbghbgiv6yamqpb4bezlrxd2vhetgyd.onion/", + "http://nf5b6a4b4s623wfxkveibjmwwpqjm536t5tyrbtrw7vsdqepsdoejoad.onion/", + "http://rs3icoalw6bdgedspnmt6vp2dzzuyqxtccezmta2g5mlyao64len7dyd.onion/", + "http://lpp4aze237qkkursbtesd54ofag6te5i5lzpee5a3buhq4v3uwtxnlqd.onion/", + "http://6nwhpuwtf4onxvr7el5ycc4xwefhk4w6q6rbn23oe2ghax2x7nns3iad.onion/" + ], + "refs": [ + "https://www.ransomlook.io/group/sarcoma" + ] + }, + "uuid": "dfe512ec-19ef-50c4-9ddf-56daf8c9b8d7", + "value": "sarcoma" + }, + { + "meta": { + "links": [ + "http://ebhmkoohccl45qesdbvrjqtyro2hmhkmh6vkyfyjjzfllm3ix72aqaid.onion/" + ], + "refs": [ + "https://www.ransomlook.io/group/interlock" + ] + }, + "uuid": "6a20c736-d83c-502f-8a9f-379a556fb4ac", + "value": "interlock" } ], - "version": 135 + "version": 136 }