Virus & Security Alert

Vulnerability Name Severity Advisory Date
Ransom.MSIL.EGOGEN.THEBBBC

Threat type: Ransomware

Aliases: Trojan:MSIL/XWormRAT.A!MTB (MICROSOFT)

Platforms: Windows

Overall Risk Rating: Low

Damage Potential: Medium

Distribution Potential: Low

Reported Infection: Low

Information Exposure: High

Overview:

This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It adds certain registry entries to disable the Task Manager. This action prevents users from terminating the malware process, which can usually be done via the Task Manager.

It terminates itself if it detects it is being run in a virtual environment.

It encrypts files with specific file extensions. It drops files as ransom notes. It avoids encrypting files with the following file extensions.

Advisory Date: 05/06/2023

Ransom.Win32.NOKO.YPDFA

Threat type: Ransomware

Aliases:

Platforms: Windows

Overall Risk Rating: Low

Damage Potential: Medium

Distribution Potential: Low

Reported Infection: Low

Information Exposure: Low

Overview:

This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It drops files as ransom notes. It avoids encrypting files with the following file extensions.

Advisory Date: 05/06/2023

Ransom.PS1.LOCKBIT.AA

Threat type: Ransomware

Aliases: Trojan:Win32/Leonem (MICROSOFT); Win32/Filecoder.Lockbit.M trojan (NOD32)

Platforms: Windows

Overall Risk Rating: Low

Damage Potential: Medium

Distribution Potential: Low

Reported Infection: Low

Information Exposure: Low

Overview:

This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It drops files as ransom notes. It avoids encrypting files with the following file extensions.

Advisory Date: 11/05/2023

Ransom.Win32.LOCKBIT.EOD

Threat type: Ransomware

Aliases:

Platforms: Windows

Overall Risk Rating: Low

Damage Potential: Medium

Distribution Potential: Low

Reported Infection: Low

Information Exposure: Low

Overview:

This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It drops files as ransom notes. It avoids encrypting files with the following file extensions.

Advisory Date: 11/05/2023

Ransom.Win32.CRYPTOLOCK.E

Threat type: Ransomware

Aliases: Trojan-Ransom.FileCrypter (IKARUS)

Platforms: Windows

Overall Risk Rating: Low

Damage Potential: Medium

Distribution Potential: Low

Reported Infection: Low

Information Exposure: Low

Overview:

This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It terminates itself if it detects it is being run in a virtual environment.

Advisory Date: 26/04/2023

Trojan.W97M.EMOTET.SMI

Threat type: Trojan

Aliases: HEUR:Trojan.Script.Generic (KASPERSKY); TrojanDownloader:O97M/Emotet.S!MTB (MICROSOFT)

Platforms: Windows

Overall Risk Rating: Low

Damage Potential: Medium

Distribution Potential: Low

Reported Infection: Low

Information Exposure: Low

Overview:

This is a generic detection for all cases and instances of Emotet.

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Advisory Date: 25/04/2023

Ransom.Win64.CONTI.A

Threat type: Ransomware

Aliases: Gen:Variant.Lazy.326686 (BITDEFENDER)

Platforms: Windows

Overall Risk Rating: Low

Damage Potential: Medium

Distribution Potential: Low

Reported Infection: Low

Information Exposure: Low

Overview:

This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It drops files as ransom notes.

Advisory Date: 25/04/2023

Ransom.Win64.CONTI.AA

Threat type: Ransomware

Aliases: Gen:Variant.Lazy.326686 (BITDEFENDER)

Platforms: Windows

Overall Risk Rating: Low

Damage Potential: Medium

Distribution Potential: Low

Reported Infection: Low

Information Exposure: Low

Overview:

This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It drops files as ransom notes.

Advisory Date: 25/04/2023

Ransom.Win64.DONOTRUN.A

Threat type: Ransomware

Aliases: Python/Filecoder.EK trojan, Python/Filecoder.EK trojan (NAI)

Platforms: Windows

Overall Risk Rating: Low

Damage Potential: Medium

Distribution Potential: Low

Reported Infection: Low

Information Exposure: Low

Overview:

This ransomware locks the user out of their devices by locking the screen.

This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It drops files as ransom notes.

Advisory Date: 25/04/2023

Ransom.Win32.RTMCOMMAND.THKBFBD

Threat type: Ransomware

Aliases: Ransom:Win32/RTMLocker.AA!MTB

Platforms: Windows

Overall Risk Rating: Low

Damage Potential: Medium

Distribution Potential: Low

Reported Infection: Low

Information Exposure: Low

Overview:

This ransomware encrypts all drives except the CD-ROM.

This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It drops files as ransom notes.

Advisory Date: 25/04/2023