cti-ATT-CK-v13.1/ics-attack/malware/malware--2eaa5319-5e1e-4dd7-bbc4-566fced3964a.json

{
    "type": "bundle",
    "id": "bundle--d8fc0555-f3d0-4619-b6ff-eaabddced37f",
    "spec_version": "2.0",
    "objects": [
        {
            "modified": "2022-10-12T17:29:57.200Z",
            "name": "Bad Rabbit",
            "description": "[Bad Rabbit](https://attack.mitre.org/software/S0606) is a self-propagating ransomware that affected the Ukrainian transportation sector in 2017. [Bad Rabbit](https://attack.mitre.org/software/S0606) has also targeted organizations and consumers in Russia. (Citation: Secure List Bad Rabbit)(Citation: ESET Bad Rabbit)(Citation: Dragos IT ICS Ransomware) ",
            "x_mitre_platforms": [
                "Windows"
            ],
            "x_mitre_deprecated": false,
            "x_mitre_domains": [
                "enterprise-attack",
                "ics-attack"
            ],
            "x_mitre_version": "1.0",
            "x_mitre_aliases": [
                "Bad Rabbit",
                "Win32/Diskcoder.D"
            ],
            "type": "malware",
            "id": "malware--2eaa5319-5e1e-4dd7-bbc4-566fced3964a",
            "created": "2021-02-09T14:35:39.455Z",
            "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "revoked": false,
            "external_references": [
                {
                    "source_name": "mitre-attack",
                    "url": "https://attack.mitre.org/software/S0606",
                    "external_id": "S0606"
                },
                {
                    "source_name": "ESET Bad Rabbit",
                    "description": "M.L\u00e9veille, M-E.. (2017, October 24). Bad Rabbit: Not\u2011Petya is back with improved ransomware. Retrieved January 28, 2021.",
                    "url": "https://www.welivesecurity.com/2017/10/24/bad-rabbit-not-petya-back/"
                },
                {
                    "source_name": "Secure List Bad Rabbit",
                    "description": "Mamedov, O. Sinitsyn, F.  Ivanov, A.. (2017, October 24). Bad Rabbit ransomware. Retrieved January 28, 2021.",
                    "url": "https://securelist.com/bad-rabbit-ransomware/82851/"
                },
                {
                    "source_name": "Dragos IT ICS Ransomware",
                    "description": "Slowik, J.. (2019, April 10). Implications of IT Ransomware for ICS Environments. Retrieved January 28, 2021.",
                    "url": "https://www.dragos.com/blog/industry-news/implications-of-it-ransomware-for-ics-environments/"
                }
            ],
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
            "labels": [
                "malware"
            ],
            "x_mitre_attack_spec_version": "2.1.0",
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5"
        }
    ]
}