MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

Add DoppelPaymer Ransomware

pull/472/head
rmkml 2019-11-06 20:41:43 +01:00
parent 656d90fd7c
commit 9707a5eb0e
1 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
clusters/ransomware.json
View File

@ -13533,7 +13533,19 @@
},
"uuid": "4cea4448-1d3c-111a-40af-011d461260b4",
"value": "Freeme"
},
{
"description": "We have dubbed this new ransomware DoppelPaymer because it shares most of its code with the BitPaymer ransomware operated by INDRIK SPIDER. However, there are a number of differences between DoppelPaymer and BitPaymer, which may signify that one or more members of INDRIK SPIDER have split from the group and forked the source code of both Dridex and BitPaymer to start their own Big Game Hunting ransomware operation.",
"meta": {
"encryption": "AES",
"refs": [
"https://www.crowdstrike.com/blog/doppelpaymer-ransomware-and-dridex-2/",
"https://malpedia.caad.fkie.fraunhofer.de/details/win.doppelpaymer"
]
},
"uuid": "5cea5548-1e3c-222a-3faf-022d461260b5",
"value": "DoppelPaymer"
}
],
"version": 69
"version": 70
}