MISP
/
misp-taxonomies
mirror of https://github.com/MISP/misp-taxonomies
2
0
Fork 0
Code Issues Releases Wiki Activity
misp-taxonomies/ransomware/machinetag.json

58 lines
2.2 KiB
JSON
Raw Normal View History

add ransomware taxonomy WIP
2019-04-05 11:13:21 +02:00
{
"namespace": "ransomware",
"expanded": "ransomware types and elements",
"description": "Ransomware is used to define ransomware types and the elements that compose them.",
"version": 1,
ransomware taxonomy : decribe some types
2019-04-05 11:26:29 +02:00
"refs": [
"https://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the-evolution-of-ransomware.pdf"
],
add ransomware taxonomy WIP
2019-04-05 11:13:21 +02:00
"predicates": [
{
"value": "type",
"expanded": "Type",
"description": "Type is used to describe the type of a ransomware and how it works."
},
{
"value": "element",
"expanded": "Element",
"description": "Elements that composed or are linked to a ransomware and its execution."
}
],
"values": [
{
"predicate": "type",
"entry": [
{
"value": "scareware",
ransomware taxonomy : decribe some types
2019-04-05 11:26:29 +02:00
"expanded": "Scareware is a form of malware which uses social engineering to cause shock, anxiety, or the perception of a threat in order to manipulate users into buying unwanted software."
add ransomware taxonomy WIP
2019-04-05 11:13:21 +02:00
},
{
ransomware taxonomy : decribe some types
2019-04-05 11:26:29 +02:00
"value": "locker-ransomware",
"expanded": "Locker eansomware, also called computer locker, denies access to the computer or device "
add ransomware taxonomy WIP
2019-04-05 11:13:21 +02:00
},
{
ransomware taxonomy : decribe some types
2019-04-05 11:26:29 +02:00
"value": "crypto-ransomware",
"expanded": "Crypto ransomware, also called data locker prevents access to files or data. Crypto ransomware doesnt necessarily have to use encryption to stop users from accessing their data, but the vast majority of it does."
add ransomware taxonomy WIP
2019-04-05 11:13:21 +02:00
}
##COMMA##
2019-04-05 12:10:27 +02:00
]
add ransomware taxonomy WIP
2019-04-05 11:13:21 +02:00
},
{
ransomware taxonomy : decribe some elements
2019-04-05 12:06:54 +02:00
"predicate": "element",
add ransomware taxonomy WIP
2019-04-05 11:13:21 +02:00
"entry": [
{
"value": "ransomnote",
ransomware taxonomy : decribe some elements
2019-04-05 12:06:07 +02:00
"expanded": "A ransomnote is the message left by the attacker to threaten his victim and ask for ransom. It is usually seen as a text file or a picture set as background."
add ransomware taxonomy WIP
2019-04-05 11:13:21 +02:00
},
{
ransomware taxonomy : decribe some elements
2019-04-05 12:06:07 +02:00
"value": "dropper",
"expanded": "A dropper is a means of getting malware into a machine while bypassing the security checks by carring the malware inside of itself."
add ransomware taxonomy WIP
2019-04-05 11:13:21 +02:00
},
{
"value": "downloader",
ransomware taxonomy : decribe some elements
2019-04-05 12:06:07 +02:00
"expanded": "a downloader is a means of getting malware into a machine while bypassing the security checks, by downloading it instead of carring it."
add ransomware taxonomy WIP
2019-04-05 11:13:21 +02:00
}
]
}
]
}