{"group":"entropy","count":1,"rules":[{"rule_name":"entropy.yar","rule_text":"/*\nEntropy ransomware (Conti-based)\n*/\n\nrule Entropy_Ransomnote\n{\n    meta:\n        author = \"ransomware.live\"\n        family = \"ransomware.entropy\"\n        description = \"Detects Entropy ransomware ransom note\"\n        date = \"2026-05-04\"\n        severity = 7\n        score = 70\n\n    strings:\n        $s1 = \"Entropy\" ascii nocase\n        $s2 = \"ENTROPY\" ascii\n        $s3 = \"entropy.onion\" ascii nocase\n        $s4 = \"W8Locker\" ascii nocase\n\n    condition:\n        any of them\n}","sha256":"40f3a05fc4a7c2d06c05385c62f46abac833f0edff38706eb89c71fce724fb7a","byte_size":479,"updated_at":"2026-06-24 05:16:01"}]}