MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [ransomware] RegretLocker added

pull/615/head
Alexandre Dulaunoy 2020-12-30 14:14:09 +01:00
parent d408b81606
commit 4454b58743
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
clusters/ransomware.json
View File

@ -2126,6 +2126,21 @@
"uuid": "c3ef2acd-cc5d-4240-80e7-47e85b46db96",
"value": "GOG Ransomware"
},
{
"description": "RegretLocker is a new ransomware that has been found in the wild in the last month that does not only encrypt normal files on disk like other ransomwares. When running, it will particularly search for VHD files, mount them using Windows Virtual Storage API, and then encrypt all the files it finds inside of those VHD files.",
"meta": {
"date": "November 2020",
"encryption": "AES",
"extensions": [
".mouse"
],
"refs": [
"http://chuongdong.com/reverse%20engineering/2020/11/17/RegretLocker/"
]
},
"uuid": "9479d372-605e-408e-a2a3-ea971ad4ad78",
"value": "RegretLocker"
},
{
"description": "Its directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam, fake updates, attachments and so on. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files etc.. Ransom is 0.1 Bitcoins. Original name is TrojanRansom.",
"meta": {
@ -14002,5 +14017,5 @@
"value": "RansomEXX"
}
],
"version": 89
"version": 90
}