2019-04-05 11:13:21 +02:00
{
"namespace" : "ransomware" ,
"expanded" : "ransomware types and elements" ,
"description" : "Ransomware is used to define ransomware types and the elements that compose them." ,
"version" : 1 ,
2019-04-05 11:26:29 +02:00
"refs" : [
"https://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the-evolution-of-ransomware.pdf"
] ,
2019-04-05 11:13:21 +02:00
"predicates" : [
{
"value" : "type" ,
"expanded" : "Type" ,
"description" : "Type is used to describe the type of a ransomware and how it works."
} ,
{
"value" : "element" ,
"expanded" : "Element" ,
"description" : "Elements that composed or are linked to a ransomware and its execution."
}
] ,
"values" : [
{
"predicate" : "type" ,
"entry" : [
{
"value" : "scareware" ,
2019-04-05 11:26:29 +02:00
"expanded" : "Scareware is a form of malware which uses social engineering to cause shock, anxiety, or the perception of a threat in order to manipulate users into buying unwanted software."
2019-04-05 11:13:21 +02:00
} ,
{
2019-04-05 11:26:29 +02:00
"value" : "locker-ransomware" ,
"expanded" : "Locker eansomware, also called computer locker, denies access to the computer or device "
2019-04-05 11:13:21 +02:00
} ,
{
2019-04-05 11:26:29 +02:00
"value" : "crypto-ransomware" ,
"expanded" : "Crypto ransomware, also called data locker prevents access to files or data. Crypto ransomware doesn’ t necessarily have to use encryption to stop users from accessing their data, but the vast majority of it does."
2019-04-05 11:13:21 +02:00
}
2019-04-05 12:10:27 +02:00
]
2019-04-05 11:13:21 +02:00
} ,
{
2019-04-05 12:06:54 +02:00
"predicate" : "element" ,
2019-04-05 11:13:21 +02:00
"entry" : [
{
"value" : "ransomnote" ,
2019-04-05 12:06:07 +02:00
"expanded" : "A ransomnote is the message left by the attacker to threaten his victim and ask for ransom. It is usually seen as a text file or a picture set as background."
2019-04-05 11:13:21 +02:00
} ,
{
2019-04-05 12:06:07 +02:00
"value" : "dropper" ,
"expanded" : "A dropper is a means of getting malware into a machine while bypassing the security checks by carring the malware inside of itself."
2019-04-05 11:13:21 +02:00
} ,
{
"value" : "downloader" ,
2019-04-05 12:06:07 +02:00
"expanded" : "a downloader is a means of getting malware into a machine while bypassing the security checks, by downloading it instead of carring it."
2019-04-05 11:13:21 +02:00
}
]
}
]
}