From eb07fab69f4ada87f1824fd2809f932ce6f1cc8e Mon Sep 17 00:00:00 2001 From: Delta-Sierra Date: Tue, 23 Feb 2021 16:21:07 +0100 Subject: [PATCH] add Ragnar Locker and update accordingly --- clusters/mitre-malware.json | 7 +++++++ clusters/ransomware.json | 23 ++++++++++++++++++++++- 2 files changed, 29 insertions(+), 1 deletion(-) diff --git a/clusters/mitre-malware.json b/clusters/mitre-malware.json index f293b6a..3d91a81 100644 --- a/clusters/mitre-malware.json +++ b/clusters/mitre-malware.json @@ -2564,6 +2564,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "e69f9836-873a-43d3-92a8-97ab783a4171", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "54895630-efd2-4608-9c24-319de972a9eb", diff --git a/clusters/ransomware.json b/clusters/ransomware.json index d535e94..b5786b0 100644 --- a/clusters/ransomware.json +++ b/clusters/ransomware.json @@ -14060,7 +14060,28 @@ }, "uuid": "39781a7a-cd3a-4e24-aeb8-94a767a2551b", "value": "Tycoon" + }, + { + "description": "Ragnar Locker is a ransomware identified in December 2019 that targetscorporate networks inBig Game Huntingtargeted attacks. This reportpresents recent elements regarding this ransomware.", + "meta": { + "refs": [ + "https://www.bleepingcomputer.com/news/security/ragnar-locker-ransomware-targets-msp-enterprise-support-tools/", + "https://news.sophos.com/en-us/2020/05/21/ragnar-locker-ransomware-deploys-virtual-machine-to-dodge-security/", + "https://www.cybersecurity-insiders.com/ransomware-attack-makes-cwt-pay-4-5-million-in-bitcoins-to-hackers/" + ] + }, + "related": [ + { + "dest-uuid": "54895630-efd2-4608-9c24-319de972a9eb", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], + "uuid": "e69f9836-873a-43d3-92a8-97ab783a4171", + "value": "Ragnar Locker" } ], - "version": 92 + "version": 93 }