MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

add KEYPASS ransomware

pull/247/head
Deborah Servili 2018-08-13 15:50:09 +02:00
parent 56fe9eb63c
commit b100b0cedd
No known key found for this signature in database
GPG Key ID: 7E3A832850D4D7D1
2 changed files with 22 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
clusters/android.json
View File

@ -4299,7 +4299,7 @@
"https://www.bleepingcomputer.com/news/security/new-mysterybot-android-malware-packs-a-banking-trojan-keylogger-and-ransomware/"
]
},
"uuid": "53e2e7e8-70a8-11e8-b0f8-33fcf651adaf"
"uuid": "53e2e7e8-70a8-11e8-b0f8-33fcf6s51adaf"
},
{
"value": "Skygofree",

22
clusters/ransomware.json
View File

@ -10070,12 +10070,32 @@
]
},
"uuid": "b48a7d62-9bc4-11e8-a7c5-47d13fad265f"
},
{
"value": "KEYPASS",
"description": "A new distribution campaign is underway for a STOP Ransomware variant called KeyPass based on the amount of victims that have been seen. Unfortunately, how the ransomware is being distributed is unknown at this time.",
"meta": {
"refs": [
"https://www.bleepingcomputer.com/news/security/new-keypass-ransomware-campaign-underway/"
],
"synonyms": [
"KeyPass"
],
"ransomnotes": [
"!!!KEYPASS_DECRYPTION_INFO!!!.txt",
"Attention!\n\nAll your files, documents, photos, databases and other important files are encrypted and have the extension: .KEYPASS\n\nThe only method of recovering files is to purchase an decrypt software and unique private key.\n\nAfter purchase you will start decrypt software, enter your unique private key and it will decrypt all your data.\n\nOnly we can give you this key and only we can recover your files.\n\nYou need to contact us by e-mail keypass@bitmessage.ch send us your personal ID and wait for further instructions.\n\nFor you to be sure, that we can decrypt your files - you can send us a 1-3 any not very big encrypted files and we will send you back it in a original form FREE.\n\nPrice for decryption $300.\n\nThis price avaliable if you contact us first 72 hours.\n\nE-mail address to contact us:\n\nkeypass@bitmessage.ch\n\n\n\nReserve e-mail address to contact us:\n\nkeypass@india.com\n\n\n\nYour personal id:\n[id]"
],
"extensions": [
".KEYPASS"
]
},
"uuid": "22b4070e-9efe-11e8-b617-ab269f54596c"
}
],
"source": "Various",
"uuid": "10cf658b-5d32-4c4b-bb32-61760a640372",
"name": "Ransomware",
"version": 27,
"version": 28,
"type": "ransomware",
"description": "Ransomware galaxy based on https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml and http://pastebin.com/raw/GHgpWjar"
}