From e79310c8619a96c6f627f471310f356c1a7f7429 Mon Sep 17 00:00:00 2001
From: rmkml <rmkml@yahoo.fr>
Date: Sat, 31 Aug 2019 21:08:50 +0200
Subject: [PATCH] Add Nemty Ransomware

---
 clusters/ransomware.json | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/clusters/ransomware.json b/clusters/ransomware.json
index 144fcafc..bc65e8e4 100644
--- a/clusters/ransomware.json
+++ b/clusters/ransomware.json
@@ -13472,7 +13472,19 @@
       },
       "uuid": "6cfa553a-1e1b-115a-401f-015d681470b1",
       "value": "GetCrypt"
+    },
+    {
+      "description": "A new ransomware family dubbed “Nemty” for the extension it adds to encrypted files has recently surfaced in the wild. According to a report from Bleeping Computer, New York-based reverse engineer Vitali Kremez posits that Nemty is possibly delivered through exposed remote desktop connections.",
+      "meta": {
+        "payment-method": "Bitcoin",
+        "price": "1000 $",
+        "refs": [
+          "https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/nemty-ransomware-possibly-spreads-through-exposed-remote-desktop-connections"
+        ]
+      },
+      "uuid": "6cfa554a-1e2b-115a-400f-014d671470b1",
+      "value": "Nemty"
     }
   ],
-  "version": 64
+  "version": 65
 }