Threat Actor Profile
Description
A Windows ransomware that runs certain tasks to prepare the target system for file encryption. MedusaLocker avoids encrypting executable files, probably so that the targeted system stays usable for paying the ransom. It uses a combination of AES and RSA-2048, and reportedly appends extensions such as .encrypted, .bomber, .boroff, .breakingbad, .locker16, .newlock, .nlocker, and .skynet.
First Seen
Unknown
Last Updated
Unknown
Active Status
Active
Created
April 29, 2026
STIX Data
{'added_date': None,
 'client': '2003264@sit.singaporetech.edu.sg',
 'description': 'A Windows ransomware that will run certain tasks to prepare '
                'the target system for the encryption of files. MedusaLocker '
                'avoids executable files, probably to avoid rendering the '
                'targeted system unusable for paying the ransom. It uses a '
                'combination of AES and RSA-2048, and reportedly appends '
                'extensions such as .encrypted, .bomber, .boroff, '
                '.breakingbad, .locker16, .newlock, .nlocker, and .skynet.',
 'firstseen': None,
 'group': 'ako',
 'has_negotiations': False,
 'has_ransomnote': True,
 'lastseen': None,
 'locations': [{'available': False,
                'fqdn': 'kwvhrdibgmmpkhkidrby4mccwqpds5za6uo2thcw5gz75qncv7rbhyad.onion',
                'slug': 'http://kwvhrdibgmmpkhkidrby4mccwqpds5za6uo2thcw5gz75qncv7rbhyad.onion',
                'title': '',
                'type': 'Chat'}],
 'negotiation_count': 0,
 'ransomnotes_count': 1,
 'tiaras_metadata': {'has_negotiations': False,
                     'has_ransomnote': True,
                     'locations': [{'available': False,
                                    'fqdn': 'kwvhrdibgmmpkhkidrby4mccwqpds5za6uo2thcw5gz75qncv7rbhyad.onion',
                                    'slug': 'http://kwvhrdibgmmpkhkidrby4mccwqpds5za6uo2thcw5gz75qncv7rbhyad.onion',
                                    'title': '',
                                    'type': 'Chat'}],
                     'negotiation_count': 0,
                     'ransomnotes_count': 1,
                     'ransomware_live_group': 'ako',
                     'tools': {},
                     'url': 'https://www.ransomware.live/group/ako',
                     'victims': 0,
                     'vulnerabilities': []},
 'tiaras_source': 'ransomware.live',
 'tools': {},
 'ttps': [],
 'url': 'https://www.ransomware.live/group/ako',
 'victims': 0,
 'vulnerabilities': []}