gptkbp:instanceOf
|
malware
|
gptkbp:acceptsPaymentMethod
|
gptkb:Bitcoin
gptkb:Monero
|
gptkbp:affects
|
businesses
healthcare organizations
government organizations
individual users
|
gptkbp:alsoKnownAs
|
gptkb:REvil
|
gptkbp:associatedWith
|
gptkb:Ransomware-as-a-Service
|
gptkbp:countryOfOrigin
|
unknown
|
gptkbp:developedBy
|
unknown cybercriminal group
|
gptkbp:encryptsFiles
|
true
|
gptkbp:exploits
|
gptkb:CVE-2019-19781
gptkb:CVE-2019-2725
gptkb:CVE-2019-11510
CVE-2018-8453
CVE-2019-7481
|
gptkbp:firstAppearance
|
April 2019
|
gptkbp:hasWebsiteOn
|
gptkb:dark_web
|
https://www.w3.org/2000/01/rdf-schema#label
|
Sodinokibi
|
gptkbp:language
|
gptkb:Russian
English
|
gptkbp:leaksData
|
true
|
gptkbp:notableBattle
|
JBS Foods cyberattack
Travelex cyberattack
|
gptkbp:notableVictim
|
gptkb:Xerox
gptkb:Quest_Diagnostics
gptkb:Brown-Forman
gptkb:JBS_Foods
gptkb:Travelex
gptkb:Grubman_Shire_Meiselas_&_Sacks
GSMLaw
Kennon Parker
|
gptkbp:platform
|
gptkb:Microsoft_Windows
|
gptkbp:prohibits
|
gptkb:CIS_countries
|
gptkbp:ransomDemanded
|
gptkb:cryptocurrency
|
gptkbp:ransomNoteFileName
|
[random]-readme.txt
|
gptkbp:ransomwareFamily
|
gptkb:REvil
gptkb:Sodinokibi
|
gptkbp:shutDownDate
|
July 2021
|
gptkbp:spreadTo
|
malicious websites
phishing emails
exploit kits
|
gptkbp:usesAffiliateModel
|
true
|
gptkbp:usesDataLeakSite
|
true
|
gptkbp:usesDoubleExtortion
|
true
|
gptkbp:usesEncryptionAlgorithm
|
gptkb:RSA
gptkb:Salsa20
|
gptkbp:usesTor
|
true
|
gptkbp:bfsParent
|
gptkb:REvil
|
gptkbp:bfsLayer
|
5
|