Sodinokibi Ransomware Information

    • Updated: 21 Jan 2020
Summary

Sodinokibi ransomware was first spotted in April 2019. It infects machines by (i) exploiting the Oracle WebLogic Server vulnerability CVE-2019-2725, (ii) malicious spam campaigns, and (iii) exposed Remote Desktop Protocol (RDP) endpoints. It can steal computer data such as the operating system version, operating system architecture, username, and the user's security identifier (SID), as well as stored information such as user names, passwords and hostnames from different browsers.

Behaviors

Gathers the following data:

  • User Name
  • Computer Name
  • Workgroup
  • Systems Architecture
  • Operating System
  • Processor Information

Capabilities

  • Information Theft
  • Exploits
  • Disabling usage capability

Infection Chain

Detection Coverage

File Reputation

| Detection/Policy/Rules | Pattern Branch/Version | Release Date |
| --- | --- | --- |
| TrojanSpy.Win32.LOKI.TIOIBODR | 15.349.00 | September 7, 2019 |
| Trojan.PS1.POWALYS.A | | |
| Ransom.Win32.SODINOKIBI.AUWTL | | |
| TROJ_FRS.0NA103HK19 | | |
| Ransom.Win32.SODINOKIBI.AUWTL.note | | |

Predictive Machine Learning

| Detection | Pattern Branch/Version |
| --- | --- |
| Troj.Win32.TRX.XXPE50FFF031 | In-the-cloud |

Web Reputation

| Detection | Pattern Branch/Version |
| --- | --- |
| URL Protection | In-the-cloud |

Email Protection

| Detection | Pattern Branch/Version |
| --- | --- |
| TMASE 25044.002 | In-the-cloud |
Details

Solution Map - What should customers do?

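| Trend Micro Solution | Major Product | Latest Version | Virus Pattern | Anti-Spam Pattern | Network Pattern | Predictive Machine Learning | Web Reputation |
| --- | --- | --- | --- | --- | --- | --- | --- |
| Endpoint Security | ApexOne | 2019 | Update pattern via web console | Not Applicable | Update pattern via web console | Enable Predictive Machine Learning | Enable Web Reputation Service and update pattern via web console |
| Endpoint Security | OfficeScan | XG (12.0) | Update pattern via web console | Not Applicable | Update pattern via web console | Enable Predictive Machine Learning | Enable Web Reputation Service and update pattern via web console |
| Endpoint Security | Worry-Free Business Security | Standard (10.0) | Update pattern via web console | Not Applicable | Update pattern via web console | Enable Predictive Machine Learning | Enable Web Reputation Service and update pattern via web console |
| Endpoint Security | Worry-Free Business Security | Advanced (10.0) | Update pattern via web console | Update pattern via web console | Update pattern via web console | Enable Predictive Machine Learning | Enable Web Reputation Service and update pattern via web console |
| Hybrid Cloud Security | Deep Security | 12.0 | Update pattern via web console | Not Applicable | Update pattern via web console | Enable Predictive Machine Learning | Enable Web Reputation Service and update pattern via web console |
| Email and Gateway Security | Deep Discovery Email Inspector | 3.5 | Update pattern via web console | Update pattern via web console | Update pattern via web console | Not Applicable | Enable Web Reputation Service and update pattern via web console |
| Email and Gateway Security | InterScan Messaging Security | 9.1 | Update pattern via web console | Update pattern via web console | Not Applicable | Not Applicable | Enable Web Reputation Service and update pattern via web console |
| Email and Gateway Security | InterScan Web Security | 6.5 | Update pattern via web console | Update pattern via web console | Not Applicable | Not Applicable | Enable Web Reputation Service and update pattern via web console |
| Email and Gateway Security | ScanMail for Microsoft Exchange | 14.0 | Update pattern via web console | Update pattern via web console | Not Applicable | Not Applicable | Enable Web Reputation Service and update pattern via web console |
| Network Security | Deep Discovery Inspector | 5.5 | Update pattern via web console | Not Applicable | Update pattern via web console | Not Applicable | Enable Web Reputation Service and update pattern via web console |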

Recommendation

Threat Report

Blog

Category: Remove a Malware / Virus
Solution ID: 000238277