mirror of https://github.com/MISP/misp-galaxy
add synonym - half done
parent
6859b2fb4e
commit
bc4f1a93ab
|
@ -1597,6 +1597,9 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"Ocelot Locker Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2017/01/ocelot-ransomware.html",
|
||||
"https://twitter.com/malwrhunterteam/status/817648547231371264"
|
||||
|
@ -1608,10 +1611,13 @@
|
|||
"date": "January 2017"
|
||||
},
|
||||
"description": "It’s directed to English speaking users, therefore is able to infect worldwide. This is a fake ransomware. Your files are not really encrypted, however the attacker does ask for a ransom of .03 bitcoins. It is still dangerous even though it is fake, he still go through to your computer.",
|
||||
"value": "Ocelot Ransomware or Ocelot Locker Ransomware (FAKE RANSOMWARE)"
|
||||
"value": "Ocelot Ransomware (FAKE RANSOMWARE)"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"Blablabla Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2017/01/skyname-ransomware.html",
|
||||
"https://twitter.com/malwrhunterteam/status/817079028725190656"
|
||||
|
@ -1625,10 +1631,13 @@
|
|||
"date": "January 2017"
|
||||
},
|
||||
"description": "It’s directed to Czechoslovakianspeaking users. It is spread using email spam, fake updates, attachments and so on. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files etc.. Based on HiddenTear",
|
||||
"value": "SkyName Ransomware or Blablabla Ransomware"
|
||||
"value": "SkyName Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"Depsex Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2017/01/mafiaware.html",
|
||||
"https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-6th-2017-fsociety-mongodb-pseudo-darkleech-and-more/",
|
||||
|
@ -1645,10 +1654,13 @@
|
|||
"date": "January 2017"
|
||||
},
|
||||
"description": "It’s directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam, fake updates, attachments and so on. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files etc.. Ransom is 155$ inbitcoins. Creator of ransomware is called Mafia. Based on HiddenTear",
|
||||
"value": "MafiaWare Ransomware or Depsex Ransomware"
|
||||
"value": "MafiaWare Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"Purge Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2017/01/globe3-ransomware.html",
|
||||
"https://www.bleepingcomputer.com/forums/t/624518/globe-ransomware-help-and-support-purge-extension-how-to-restore-fileshta/",
|
||||
|
@ -1681,10 +1693,13 @@
|
|||
"date": "January 2017"
|
||||
},
|
||||
"description": "It’s directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam, fake updates, attachments and so on. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files etc.. Ransom is 3 bitcoins. Extesion depends on the config file. It seems Globe is a ransomware kit.",
|
||||
"value": "Globe3 Ransomware or Purge Ransomware"
|
||||
"value": "Globe3 Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"FireCrypt Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2017/01/bleedgreen-ransomware.html",
|
||||
"https://www.bleepingcomputer.com/news/security/firecrypt-ransomware-comes-with-a-ddos-component/"
|
||||
|
@ -1699,7 +1714,7 @@
|
|||
"date": "January 2017"
|
||||
},
|
||||
"description": "It’s directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam, fake updates, attachments and so on. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files etc.. Ransom is 500$ in bitcoins. Requires .NET Framework 4.0. Gets into your startup system and sends you notes like the one below: https://4.bp.blogspot.com/-xrr6aoB_giw/WG1UrGpmZJI/AAAAAAAAC-Q/KtKdQP6iLY4LHaHgudF5dKs6i1JHQOBmgCLcB/s1600/green1.jpg",
|
||||
"value": "BleedGreen Ransomware or FireCrypt Ransomware"
|
||||
"value": "BleedGreen Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -1928,6 +1943,10 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"Merry X-Mas",
|
||||
"MRCR"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/12/mrcr1-ransomware.html",
|
||||
"https://www.bleepingcomputer.com/news/security/-merry-christmas-ransomware-now-steals-user-private-data-via-diamondfox-malware/",
|
||||
|
@ -1952,7 +1971,7 @@
|
|||
"date": " December 2016"
|
||||
},
|
||||
"description": "It’s directed to English and Italian speaking users, therefore is able to infect worldwide. Most attacks are on organizations and servers. It is spread using email spam, fake updates, attachments and so on. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files etc.. They pose as a Consumer complaint notification that’s coming from Federal Trade Commission from USA, with an attached file called “complaint.pdf”. Written in Delphi by hacker MicrRP.",
|
||||
"value": "Merry Christmas, Merry X-Mas or MRCR"
|
||||
"value": "Merry Christmas"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -2065,6 +2084,9 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"KokoLocker Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/12/kokokrypt-ransomware.html",
|
||||
"http://removevirusadware.com/tips-for-removeing-kokokrypt-ransomware/"
|
||||
|
@ -2079,7 +2101,7 @@
|
|||
"date": "December 2016"
|
||||
},
|
||||
"description": "It’s directed to English speaking users, therefore is able to infect worldwide. It is spread by its creator in forums. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files and documents and more. The ransom is 0.1 bitcoins within 72 hours. Uses Windows Update as a decoy. Creator: Talnaci Alexandru",
|
||||
"value": "KoKoKrypt Ransomware or KokoLocker Ransomware"
|
||||
"value": "KoKoKrypt Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -2101,6 +2123,9 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"PClock SysGop Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/12/pclock4-sysgop-ransomware.html"
|
||||
],
|
||||
|
@ -2111,7 +2136,7 @@
|
|||
"date": "December 2016"
|
||||
},
|
||||
"description": "It’s directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam (for example: “you have a criminal case against you”), fake updates, attachments and so on. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files etc..",
|
||||
"value": "PClock4 Ransomware or PClock SysGop Ransomware"
|
||||
"value": "PClock4 Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -2150,6 +2175,9 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"Fake CryptoLocker"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/12/cryptolocker3-ransomware.html"
|
||||
],
|
||||
|
@ -2163,7 +2191,7 @@
|
|||
"date": "December 2016"
|
||||
},
|
||||
"description": "It’s directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam, fake updates, attachments and so on. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files etc.. Creator is staffttt and the ransom is 0.5 botcoins.",
|
||||
"value": "CryptoLocker3 Ransomware or Fake CryptoLocker"
|
||||
"value": "CryptoLocker3 Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -2203,6 +2231,10 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"IDRANSOMv3",
|
||||
"Manifestus"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/12/enkripsipc-ransomware.html",
|
||||
"https://twitter.com/demonslay335/status/811343914712100872",
|
||||
|
@ -2219,7 +2251,7 @@
|
|||
"date": "December 2016"
|
||||
},
|
||||
"description": "It’s directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam, fake updates, attachments and so on. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files etc.. The name of the hacker is humanpuff69 and he requests 0.5 bitcoins. The encryption password is based on the computer name",
|
||||
"value": "EnkripsiPC Ransomware or IDRANSOMv3 or Manifestus"
|
||||
"value": "EnkripsiPC Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -2308,6 +2340,9 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"Globe Imposter"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/12/fake-globe-ransomware.html",
|
||||
"https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-30th-2016-infected-tvs-and-open-source-ransomware-sucks/",
|
||||
|
@ -2326,7 +2361,7 @@
|
|||
"date": "December 2016"
|
||||
},
|
||||
"description": "It’s directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam, fake updates, attachments and so on. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files etc… The ransom is 1bitcoin.",
|
||||
"value": "Fake Globe Ransomware or Globe Imposter"
|
||||
"value": "Fake Globe Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -2343,7 +2378,7 @@
|
|||
"date": "December 2016"
|
||||
},
|
||||
"description": "It’s directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam, fake updates, attachments and so on. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files etc…",
|
||||
"value": "V8Locker Ransomware "
|
||||
"value": "V8Locker Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -2492,11 +2527,8 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
""
|
||||
],
|
||||
"ransomnotes": [
|
||||
""
|
||||
"synonyms": [
|
||||
"DaleLocker Ransomware"
|
||||
],
|
||||
"encryption": "AES+RSA-512",
|
||||
"extensions": [
|
||||
|
@ -2505,7 +2537,7 @@
|
|||
"date": "December 2016"
|
||||
},
|
||||
"description": "It’s directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam, fake updates, attachments and so on. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files etc… CHIP > DALE",
|
||||
"value": "Dale Ransomware or DaleLocker Ransomware"
|
||||
"value": "Dale Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -2659,6 +2691,9 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"VO_ Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/12/sq-vo-ransomware.html"
|
||||
],
|
||||
|
@ -2672,10 +2707,13 @@
|
|||
"date": "December 2016"
|
||||
},
|
||||
"description": "It’s directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam, fake updates, attachments and so on. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files etc… This hacker requests 4 bitcoins for ransom.",
|
||||
"value": "SQ_ Ransomware or VO_ Ransomware"
|
||||
"value": "SQ_ Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"Malta Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-2nd-2016-screenlockers-kangaroo-the-sfmta-and-more/",
|
||||
"https://id-ransomware.blogspot.co.il/2016/12/matrix-ransomware.html",
|
||||
|
@ -2692,7 +2730,7 @@
|
|||
"date": "December 2016"
|
||||
},
|
||||
"description": "It’s directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam, fake updates, attachments and so on. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files etc…",
|
||||
"value": "Matrix or Malta Ransomware"
|
||||
"value": "Matrix"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -2853,6 +2891,9 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"m0on Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/11/crypute-ransomware-m0on.html",
|
||||
"https://www.bleepingcomputer.com/virus-removal/threat/ransomware/"
|
||||
|
@ -2867,10 +2908,13 @@
|
|||
"date": "November 2016"
|
||||
},
|
||||
"description": "It’s directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam, fake updates, attachments and so on. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files etc..",
|
||||
"value": "Crypute Ransomware or m0on Ransomware"
|
||||
"value": "Crypute Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"Fake Maktub Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/11/nmoreira-ransomware.html",
|
||||
"https://id-ransomware.blogspot.co.il/2016/10/airacrop-ransomware.html"
|
||||
|
@ -2886,7 +2930,7 @@
|
|||
"date": "November 2016"
|
||||
},
|
||||
"description": "It’s directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam, fake updates, attachments and so on. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files etc..",
|
||||
"value": "NMoreira Ransomware or Fake Maktub Ransomware"
|
||||
"value": "NMoreira Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -2930,6 +2974,9 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"Voldemort Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"http://id-ransomware.blogspot.co.il/2016/09/nagini-voldemort-ransomware.html",
|
||||
"https://www.bleepingcomputer.com/news/security/the-nagini-ransomware-sics-voldemort-on-your-files/"
|
||||
|
@ -2941,7 +2988,7 @@
|
|||
"date": "November 2016"
|
||||
},
|
||||
"description": "It’s directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam, fake updates, attachments and so on. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files etc.. Looks for C:\\Temp\\voldemort.horcrux",
|
||||
"value": "Nagini Ransomware or Voldemort Ransomware"
|
||||
"value": "Nagini Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -2964,6 +3011,9 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"ChipLocker Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/11/chip-ransomware.html",
|
||||
"http://malware-traffic-analysis.net/2016/11/17/index.html",
|
||||
|
@ -2981,7 +3031,7 @@
|
|||
"date": "November 2016"
|
||||
},
|
||||
"description": "It’s directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam, fake updates, attachments and so on. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files etc..",
|
||||
"value": "Chip Ransomware or ChipLocker Ransomware"
|
||||
"value": "Chip Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -3025,6 +3075,9 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"YafunnLocker"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/11/cryptoluck-ransomware.html",
|
||||
"http://www.bleepingcomputer.com/news/security/cryptoluck-ransomware-being-malvertised-via-rig-e-exploit-kits/",
|
||||
|
@ -3042,10 +3095,14 @@
|
|||
"date": "November 2016"
|
||||
},
|
||||
"description": "This is most likely to affect English speaking users, since the note is written in English. English is understood worldwide, thus anyone can be harmed. The hacker spread the virus using email spam, fake updates, and harmful attachments. All your files are compromised including music, MS Office, Open Office, pictures, videos, shared online files etc..",
|
||||
"value": "CryptoLuck Ransomware or YafunnLocker"
|
||||
"value": "CryptoLuck Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"Nemesis",
|
||||
"X3M"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/11/crypton-ransomware.html",
|
||||
"https://decrypter.emsisoft.com/crypton",
|
||||
|
@ -3073,7 +3130,7 @@
|
|||
"date": "November 2016"
|
||||
},
|
||||
"description": "This is most likely to affect English speaking users, since the note is written in English. English is understood worldwide, thus anyone can be harmed. The hacker spread the virus using email spam, fake updates, and harmful attachments. All your files are compromised including music, MS Office, Open Office, pictures, videos, shared online files etc..",
|
||||
"value": "Crypton Ransomware, or Nemesis or X3M"
|
||||
"value": "Crypton Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -3115,6 +3172,11 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"PClock SuppTeam Ransomware",
|
||||
"WinPlock",
|
||||
"CryptoLocker clone"
|
||||
],
|
||||
"refs": [
|
||||
"https://www.bleepingcomputer.com/news/security/old-cryptolocker-copycat-named-pclock-resurfaces-with-new-attacks/",
|
||||
"https://id-ransomware.blogspot.co.il/2016/11/suppteam-ransomware-sysras.html",
|
||||
|
@ -3135,10 +3197,13 @@
|
|||
"date": "November 2016"
|
||||
},
|
||||
"description": "This is most likely to affect English speaking users, since the note is written in English. English is understood worldwide, thus anyone can be harmed. The hacker spread the virus using email spam, fake updates, and harmful attachments. All your files are compromised including music, MS Office, Open Office, pictures, videos, shared online files etc.. CryptoLocker Copycat",
|
||||
"value": "PClock3 Ransomware or PClock SuppTeam Ransomware orCryptoLocker clone or WinPlock"
|
||||
"value": "PClock3 Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"Kolobocheg Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"https://www.ransomware.wiki/tag/kolobo/",
|
||||
"https://id-ransomware.blogspot.co.il/2016/11/kolobo-ransomware.html",
|
||||
|
@ -3154,10 +3219,13 @@
|
|||
"date": "November 2016"
|
||||
},
|
||||
"description": "This is most likely to affect English speaking users, since the note is written in English. English is understood worldwide, thus anyone can be harmed. The hacker spread the virus using email spam, fake updates, and harmful attachments. All your files are compromised including music, MS Office, Open Office, pictures, videos, shared online files etc..",
|
||||
"value": "Kolobo Ransomware or Kolobocheg Ransomware"
|
||||
"value": "Kolobo Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"Paysafecard Generator 2016"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/11/paysafegen-german-ransomware.html",
|
||||
"https://twitter.com/JakubKroustek/status/796083768155078656"
|
||||
|
@ -3172,7 +3240,7 @@
|
|||
"date": "November 2016"
|
||||
},
|
||||
"description": "This is most likely to affect German speaking users, since the note is written in German. Mostly affects users in German speaking countries. The hacker spread the virus using email spam, fake updates, and harmful attachments. All your files are compromised including music, MS Office, Open Office, pictures, videos, shared online files etc..",
|
||||
"value": "PaySafeGen (German) Ransomware or Paysafecard Generator 2016"
|
||||
"value": "PaySafeGen (German) Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -3230,6 +3298,9 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"Serpent Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/11/paydos-ransomware-serpent.html",
|
||||
"https://www.bleepingcomputer.com/news/security/ransomware-goes-retro-with-paydos-and-serpent-written-as-batch-files/",
|
||||
|
@ -3248,7 +3319,7 @@
|
|||
"date": "November 2016"
|
||||
},
|
||||
"description": "This is most likely to affect English speaking users, since the note is written in English. English is understood worldwide, thus anyone can be harmed. The hacker spread the virus using email spam, fake updates, and harmful attachments. All your files are compromised including music, MS Office, Open Office, pictures, videos, shared online files etc.. Batch file; Passcode: AES1014DW256 or RSA1014DJW2048",
|
||||
"value": "PayDOS Ransomware or Serpent Ransomware"
|
||||
"value": "PayDOS Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -3304,6 +3375,9 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"BTC Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/11/btclocker-ransomware.html"
|
||||
],
|
||||
|
@ -3317,7 +3391,7 @@
|
|||
"date": "November 2016"
|
||||
},
|
||||
"description": "This is most likely to affect English speaking users, since the note is written in English. English is understood worldwide, thus anyone can be harmed. The hacker spread the virus using email spam, fake updates, and harmful attachments. All your files are compromised including music, MS Office, Open Office, pictures, videos, shared online files etc..",
|
||||
"value": "BTCLocker Ransomware or BTC Ransomware"
|
||||
"value": "BTCLocker Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -3357,6 +3431,9 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"SFX Monster Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"http://virusinfo.info/showthread.php?t=201710",
|
||||
"https://id-ransomware.blogspot.co.il/2016/11/encryptss77-ransomware.html"
|
||||
|
@ -3371,7 +3448,7 @@
|
|||
"date": "November 2016"
|
||||
},
|
||||
"description": "This is most likely to affect English speaking users, since the note is written in English. English is understood worldwide, thus anyone can be harmed. The hacker spread the virus using email spam, fake updates, and harmful attachments. All your files are compromised including music, MS Office, Open Office, pictures, videos, shared online files etc..",
|
||||
"value": "Encryptss77 Ransomware or SFX Monster Ransomware"
|
||||
"value": "Encryptss77 Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -3480,6 +3557,9 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"Jack.Pot Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/10/jackpot-ransomware.html",
|
||||
"https://twitter.com/struppigel/status/791639214152617985",
|
||||
|
@ -3494,7 +3574,7 @@
|
|||
"date": "October 2016"
|
||||
},
|
||||
"description": "This is most likely to affect English speaking users, since the note is written in English. English is understood worldwide, thus anyone can be harmed. The hacker spread the virus using email spam, fake updates, and harmful attachments. All your files are compromised including music, MS Office, Open Office, pictures, videos, shared online files etc..",
|
||||
"value": "JackPot Ransomware or Jack.Pot Ransomware"
|
||||
"value": "JackPot Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -3631,6 +3711,9 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"Hungarian Locky Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/10/hucky-ransomware-hungarian-locky.html",
|
||||
"https://blog.avast.com/hucky-ransomware-a-hungarian-locky-wannabe",
|
||||
|
@ -3650,7 +3733,7 @@
|
|||
"date": "October 2016"
|
||||
},
|
||||
"description": "This is most likely to affect English speaking users, since the note is written in English. English is understood worldwide, thus anyone can be harmed. The hacker spread the virus using email spam, fake updates, and harmful attachments. All your files are compromised including music, MS Office, Open Office, pictures, videos, shared online files etc.. Based on Locky",
|
||||
"value": "Hucky Ransomware or Hungarian Locky Ransomware"
|
||||
"value": "Hucky Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -3762,6 +3845,11 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"SHC Ransomware",
|
||||
"SHCLocker",
|
||||
"SyNcryption"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/10/japanlocker-ransomware.html",
|
||||
"https://www.cyber.nj.gov/threat-profiles/ransomware-variants/japanlocker",
|
||||
|
@ -3778,7 +3866,7 @@
|
|||
"date": "October 2016"
|
||||
},
|
||||
"description": "This is most likely to affect English speaking users, since the note is written in English. English is understood worldwide, thus anyone can be harmed. The hacker spread the virus using email spam, fake updates, and harmful attachments. All your files are compromised including music, MS Office, Open Office, pictures, videos, shared online files etc.. Base64 encoding, ROT13, and top-bottom swapping",
|
||||
"value": "JapanLocker Ransomware & SHC Ransomware, SHCLocker ,SyNcryption"
|
||||
"value": "JapanLocker Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -3855,6 +3943,10 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"WS Go Ransonware",
|
||||
"Trojan.Encoder.6491"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/10/ws-go-ransonware.html",
|
||||
"https://www.cyber.nj.gov/threat-profiles/ransomware-variants/apt-ransomware-v2"
|
||||
|
@ -3869,7 +3961,7 @@
|
|||
"date": "October 2016"
|
||||
},
|
||||
"description": "This is most likely to affect English speaking users, since the note is written in English. English is understood worldwide, thus anyone can be harmed. The hacker spread the virus using email spam, fake updates, and harmful attachments. All your files are compromised including music, MS Office, Open Office, pictures, videos, shared online files etc..",
|
||||
"value": "Windows_Security Ransonware or WS Go Ransonware, Trojan.Encoder.6491"
|
||||
"value": "Windows_Security Ransonware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -3927,6 +4019,9 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"Deadly for a Good Purpose Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/10/deadly-ransomware.html",
|
||||
"https://twitter.com/malwrhunterteam/status/785533373007728640"
|
||||
|
@ -3938,7 +4033,7 @@
|
|||
"date": "October 2016"
|
||||
},
|
||||
"description": "This is most likely to affect English speaking users, since the note is written in English. English is understood worldwide, thus anyone can be harmed. The hacker spread the virus using email spam, fake updates, and harmful attachments. All your files are compromised including music, MS Office, Open Office, pictures, videos, shared online files etc.. sample is set to encrypt only in 2017...",
|
||||
"value": "Deadly Ransomware or Deadly for a Good Purpose Ransomware"
|
||||
"value": "Deadly Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -3961,6 +4056,9 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"Purge Ransomware"
|
||||
],
|
||||
"refs": [
|
||||
"https://id-ransomware.blogspot.co.il/2016/10/globe2-ransomware.html",
|
||||
"https://success.trendmicro.com/portal_kb_articledetail?solutionid=1114221"
|
||||
|
@ -3987,7 +4085,7 @@
|
|||
"date": "October 2016"
|
||||
},
|
||||
"description": "This is most likely to affect English speaking users, since the note is written in English. English is understood worldwide, thus anyone can be harmed. The hacker spread the virus using email spam, fake updates, and harmful attachments. All your files are compromised including music, MS Office, Open Office, pictures, videos, shared online files etc..",
|
||||
"value": "Globe2 Ransomware or Purge Ransomware"
|
||||
"value": "Globe2 Ransomware"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
|
Loading…
Reference in New Issue