AtomSilo

Description

According to PCrisk, AtomSilo is a type of malware that blocks access to files by encrypting them and renames every encrypted file by appending the ‘.ATOMSILO’ to its filename. It renames ‘1.jpg’ to ‘1.jpg.ATOMSILO’, ‘2.jpg’ to ‘2.jpg.ATOMSILO’, and so on. As its ransom note, AtomSilo creates the ‘README-FILE-#COMPUTER-NAME#-#CREATION-TIME#.hta’ file.

Names

Name
AtomSilo

Category

Malware

Type

• Ransomware

Information

• https://chuongdong.com//reverse%20engineering/2021/10/13/AtomSiloRansomware/
• https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself
• https://news.sophos.com/en-us/2021/10/04/atom-silo-ransomware-actors-use-confluence-exploit-dll-side-load-for-stealthy-attack/
• https://www.secureworks.com/research/bronze-starlight-ransomware-operations-use-hui-loader
• https://chuongdong.com/reverse%20engineering/2021/10/13/AtomSiloRansomware/
• https://decoded.avast.io/threatintel/decryptor-for-atomsilo-and-lockfile-ransomware/
• https://twitter.com/siri_urz/status/1437664046556274694?s=20
• https://www.zscaler.com/blogs/security-research/atomsilo-ransomware-enters-league-double-extortion
• https://news.sophos.com/en-us/2022/03/17/the-ransomware-threat-intelligence-center/

Malpedia

• https://malpedia.caad.fkie.fraunhofer.de/details/win.atomsilo

Other Information

Uuid

2cc89be8-f828-4db4-9ce7-9fdb7b85d5c0

Last Card Change

2023-11-30