Merge pull request #124 from Delta-Sierra/master

cryptomix - update
pull/125/head
Deborah Servili 2017-11-22 14:00:47 +01:00 committed by GitHub
commit efa2f5a850
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 3 deletions

View File

@ -5020,7 +5020,8 @@
".email[supl0@post.com]id[\\[[a-z0-9]{16}\\]].lesli",
"*filename*.email[*email*]_id[*id*].rdmk",
".EMPTY",
".0000"
".0000",
".XZZX"
],
"ransomnotes": [
"HELP_YOUR_FILES.html (CryptXXX)",
@ -5030,14 +5031,16 @@
"_HELP_INSTRUCTION.TXT",
"C:\\ProgramData\\[random].exe",
"Hello!\n\nAttention! All Your data was encrypted!\n\nFor specific informartion, please send us an email with Your ID number:\n\nempty01@techmail.info\n\nempty02@yahooweb.co\n\nempty003@protonmail.com\n\nWe will help You as soon as possible!\n\nDECRYPT-ID-[id] number",
"Hello!\n\nAttention! All Your data was encrypted!\n\nFor specific informartion, please send us an email with Your ID number:\n\ny0000@tuta.io\n\ny0000@protonmail.com\n\ny0000z@yandex.com\n\ny0000s@yandex.com\n\nPlease send email to all email addresses! We will help You as soon as possible!\n\nDECRYPT-ID-[id]"
"Hello!\n\nAttention! All Your data was encrypted!\n\nFor specific informartion, please send us an email with Your ID number:\n\ny0000@tuta.io\n\ny0000@protonmail.com\n\ny0000z@yandex.com\n\ny0000s@yandex.com\n\nPlease send email to all email addresses! We will help You as soon as possible!\n\nDECRYPT-ID-[id]",
"Hello!\n\nAttention! All Your data was encrypted!\n\nFor specific informartion, please send us an email with Your ID number:\n\nxzzx@tuta.io\n\nxzzx1@protonmail.com\n\nxzzx10@yandex.com\n\nxzzx101@yandex.com\n\nPlease send email to all email addresses! We will help You as soon as possible!\n\nDECRYPT-ID-[id] number"
],
"refs": [
"http://www.nyxbone.com/malware/CryptoMix.html",
"https://www.cert.pl/en/news/single/technical-analysis-of-cryptomixcryptfile2-ransomware/",
"https://twitter.com/JakubKroustek/status/804009831518572544",
"https://www.bleepingcomputer.com/news/security/new-empty-cryptomix-ransomware-variant-released/",
"https://www.bleepingcomputer.com/news/security/0000-cryptomix-ransomware-variant-released/"
"https://www.bleepingcomputer.com/news/security/0000-cryptomix-ransomware-variant-released/",
"https://www.bleepingcomputer.com/news/security/xzzx-cryptomix-ransomware-variant-released/"
]
}
},