mirror of https://github.com/MISP/misp-galaxy
update cryptomix
parent
57b7b5baff
commit
c2b49e5ecd
|
@ -5021,7 +5021,8 @@
|
||||||
"*filename*.email[*email*]_id[*id*].rdmk",
|
"*filename*.email[*email*]_id[*id*].rdmk",
|
||||||
".EMPTY",
|
".EMPTY",
|
||||||
".0000",
|
".0000",
|
||||||
".XZZX"
|
".XZZX",
|
||||||
|
".TEST"
|
||||||
],
|
],
|
||||||
"ransomnotes": [
|
"ransomnotes": [
|
||||||
"HELP_YOUR_FILES.html (CryptXXX)",
|
"HELP_YOUR_FILES.html (CryptXXX)",
|
||||||
|
@ -5032,7 +5033,8 @@
|
||||||
"C:\\ProgramData\\[random].exe",
|
"C:\\ProgramData\\[random].exe",
|
||||||
"Hello!\n\nAttention! All Your data was encrypted!\n\nFor specific informartion, please send us an email with Your ID number:\n\nempty01@techmail.info\n\nempty02@yahooweb.co\n\nempty003@protonmail.com\n\nWe will help You as soon as possible!\n\nDECRYPT-ID-[id] number",
|
"Hello!\n\nAttention! All Your data was encrypted!\n\nFor specific informartion, please send us an email with Your ID number:\n\nempty01@techmail.info\n\nempty02@yahooweb.co\n\nempty003@protonmail.com\n\nWe will help You as soon as possible!\n\nDECRYPT-ID-[id] number",
|
||||||
"Hello!\n\nAttention! All Your data was encrypted!\n\nFor specific informartion, please send us an email with Your ID number:\n\ny0000@tuta.io\n\ny0000@protonmail.com\n\ny0000z@yandex.com\n\ny0000s@yandex.com\n\nPlease send email to all email addresses! We will help You as soon as possible!\n\nDECRYPT-ID-[id]",
|
"Hello!\n\nAttention! All Your data was encrypted!\n\nFor specific informartion, please send us an email with Your ID number:\n\ny0000@tuta.io\n\ny0000@protonmail.com\n\ny0000z@yandex.com\n\ny0000s@yandex.com\n\nPlease send email to all email addresses! We will help You as soon as possible!\n\nDECRYPT-ID-[id]",
|
||||||
"Hello!\n\nAttention! All Your data was encrypted!\n\nFor specific informartion, please send us an email with Your ID number:\n\nxzzx@tuta.io\n\nxzzx1@protonmail.com\n\nxzzx10@yandex.com\n\nxzzx101@yandex.com\n\nPlease send email to all email addresses! We will help You as soon as possible!\n\nDECRYPT-ID-[id] number"
|
"Hello!\n\nAttention! All Your data was encrypted!\n\nFor specific informartion, please send us an email with Your ID number:\n\nxzzx@tuta.io\n\nxzzx1@protonmail.com\n\nxzzx10@yandex.com\n\nxzzx101@yandex.com\n\nPlease send email to all email addresses! We will help You as soon as possible!\n\nDECRYPT-ID-[id] number",
|
||||||
|
"Hello!\n\nAttention! All Your data was encrypted!\n\nFor specific informartion, please send us an email with Your ID number:\n\ntest757@tuta.io\n\ntest757@protonmail.com\n\ntest757xz@yandex.com\n\ntest757xy@yandex.com\n\ntest757@consultant.com\n\nPlease send email to all email addresses! We will help You as soon as possible!\n\nIMPORTANT: DO NOT USE ANY PUBLIC SOFTWARE! IT MAY DAMAGE YOUR DATA FOREVER!\n\nDECRYPT-ID-[id] number"
|
||||||
],
|
],
|
||||||
"refs": [
|
"refs": [
|
||||||
"http://www.nyxbone.com/malware/CryptoMix.html",
|
"http://www.nyxbone.com/malware/CryptoMix.html",
|
||||||
|
@ -5040,7 +5042,8 @@
|
||||||
"https://twitter.com/JakubKroustek/status/804009831518572544",
|
"https://twitter.com/JakubKroustek/status/804009831518572544",
|
||||||
"https://www.bleepingcomputer.com/news/security/new-empty-cryptomix-ransomware-variant-released/",
|
"https://www.bleepingcomputer.com/news/security/new-empty-cryptomix-ransomware-variant-released/",
|
||||||
"https://www.bleepingcomputer.com/news/security/0000-cryptomix-ransomware-variant-released/",
|
"https://www.bleepingcomputer.com/news/security/0000-cryptomix-ransomware-variant-released/",
|
||||||
"https://www.bleepingcomputer.com/news/security/xzzx-cryptomix-ransomware-variant-released/"
|
"https://www.bleepingcomputer.com/news/security/xzzx-cryptomix-ransomware-variant-released/",
|
||||||
|
"https://www.bleepingcomputer.com/news/security/test-cryptomix-ransomware-variant-released/"
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|
Loading…
Reference in New Issue