File Reputation
| DETECTION/POLICY/RULES | PATTERN BRANCH/VERSION | RELEASE DATE |
|---|---|---|
| Backdoor.Win32.COBEACON.OSLJAE | 16.311.00 | 2020-10-27 |
| Backdoor.Win64.COBALT.AG | 16.533.00 | 2021-02-12 |
| Backdoor.Win64.COBALT.AH | 16.561.00 | 2021-02-26 |
| Backdoor.Win64.COBEACON.SMA | 16.263.00 | 2020-10-03 |
| Backdoor.Win64.COBALT.YABBL | 16.617.00 | 2021-03-26 |
| Backdoor.Win64.COBALT.YABBS | 16.617.00 | 2021-03-26 |
| Ransom.Win32.CONTI.E | 16.109.00 | 2020-07-18 |
| Ransom.Win32.CONTI.I | 16.275.00 | 2020-10-09 |
| Ransom.Win32.CONTI.YAAI-A | 16.241.00 | 2020-09-22 |
| Ransom.Win32.CONTI.YABAZ | 16.617.00 | 2021-03-26 |
| Ransom.Win32.CONTI.YXAGQ | 16.617.00 | 2021-03-26 |
| Ransom.Win32.CONTI.D | 16.103.00 | 2020-07-15 |
| Ransom.Win32.CONTI.J | 16.333.00 | 2020-11-06 |
| Ransom.Win64.CONTI.A | 16.537.00 | 2021-02-14 |
| Trojan.PS1.BAZALOADER.YXAK-A | 16.323.00 | 2020-11-02 |
| Trojan.BAT.COBALSTART.A | 16.561.00 | 2021-02-26 |
| Trojan.BAT.COBALSTART.YABBM | 16.617.00 | 2021-03-26 |
| Trojan.BAT.COBALSTART.YABBS | 16.617.00 | 2021-03-26 |
| Trojan.BAT.COBEACON.YABBL | 16.617.00 | 2021-03-26 |
| Trojan.BAT.CONTISTART.YABBM | 16.617.00 | 2021-03-26 |
| Trojan.BAT.KILLAV.WLDS | 16.653.00 | 2021-04-13 |
| Trojan.BAT.KILLAV.YABBS | 16.617.00 | 2021-03-26 |
| Trojan.BAT.CONTISTART.YABBM | 16.617.00 | 2021-03-26 |
| Trojan.PS1.COBALT.YABBS | 16.617.00 | 2021-03-26 |
| Trojan.Win32.BAZALOADER.YXAK-A | 16.323.00 | 2020-11-02 |
| Trojan.Win64.BAZARLOADER.YABBM | 16.617.00 | 2021-03-26 |
| Trojan.XML.KILLAV.YABBS | 16.617.00 | 2021-03-26 |
| Trojan.XML.KILLAV.AA | 16.549.00 | 2021-02-20 |
| Worm.BAT.COBALT.YABBS | 16.617.00 | 2021-03-26 |
| Worm.BAT.KILLAV.YABBS | 16.617.00 | 2021-03-26 |
Predictive Machine Learning
| DETECTION | PATTERN BRANCH/VERSION |
|---|---|
| TROJ.Win32.TRX.XXPE50FFF042 | In-the-Cloud |
| TROJ.Win32.TRX.XXPE50FFF041 | In-the-Cloud |
Behavior Monitoring
| DETECTION | PATTERN BRANCH/VERSION |
|---|---|
| FLS.IBT.4851T | Behavior Monitoring OPR 2.187 |
| RAN4056T | Behavior Monitoring OPR 1.907 |
Web Reputation
| URL | CATEGORY | BLOCKING DATE |
|---|---|---|
| URL Protection | Malware Accomplice, Disease Vector, Ransomware | In-the-Cloud |

| PATTERN VERSION | RELEASE DATE |
|---|---|
| Email Protection | Anti-Spam Pattern 6040 |
Solution Map - What should customers do?
To update TrendAI™ products, refer to the corresponding Online Help Center guides.
Recommendation
Make sure to always use the latest pattern available to detect the old and new variants of Nefilim ransomware.
- Please refer to the KB article on Recommendations on how to best protect your network using TrendAI™ products.
- You may also check the article on Submitting suspicious or undetected virus for file analysis to Technical Support.
- For support assistance, please contact TrendAI™ Technical Support.
Threat Report
- Threat Encyclopedia: Ransom.Win32.CONTI.D
- Threat Encyclopedia: Ransom.Win32.CONTI.E
- Threat Encyclopedia: Ransom.Win32.CONTI.I
- Threat Encyclopedia: Ransom.Win32.CONTI.J
- Threat Encyclopedia: Ransom.Win32.CONTI.YAAI-A
- Threat Encyclopedia: Backdoor.Win32.BAZAR.AB
- Threat Encyclopedia: Backdoor.Win64.BAZAR.A
- Threat Encyclopedia: Trojan.PS1.BAZALOADER.YXAK-A
- Threat Encyclopedia: Trojan.Win32.BAZALOADER.YXAK-A
- Threat Encyclopedia: Trojan.Win64.BAZALOADER.YXAK-A
