{
	"id": "320c021a-d86e-4a83-850f-7a5508d1453a",
	"created_at": "2026-04-06T00:18:06.83561Z",
	"updated_at": "2026-04-10T03:21:43.027187Z",
	"deleted_at": null,
	"sha1_hash": "a49a264bfec121811308e00884dd90c25522d3bc",
	"title": "ATOMSILO (Malware Family)",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 28636,
	"plain_text": "ATOMSILO (Malware Family)\r\nBy Fraunhofer FKIE\r\nArchived: 2026-04-05 16:42:57 UTC\r\nAccording to PCrisk, AtomSilo is a type of malware that blocks access to files by encrypting them and renames\r\nevery encrypted file by appending the \".ATOMSILO\" to its filename. It renames \"1.jpg\" to \"1.jpg.ATOMSILO\",\r\n\"2.jpg\" to \"2.jpg.ATOMSILO\", and so on. As its ransom note, AtomSilo creates the \"README-FILE-\r\n#COMPUTER-NAME#-#CREATION-TIME#.hta\" file.\r\n[TLP:WHITE] win_atomsilo_auto (20251219 | Detects win.atomsilo.)\r\nSource: https://malpedia.caad.fkie.fraunhofer.de/details/win.atomsilo\r\nhttps://malpedia.caad.fkie.fraunhofer.de/details/win.atomsilo\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://malpedia.caad.fkie.fraunhofer.de/details/win.atomsilo"
	],
	"report_names": [
		"win.atomsilo"
	],
	"threat_actors": [],
	"ts_created_at": 1775434686,
	"ts_updated_at": 1775791303,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/a49a264bfec121811308e00884dd90c25522d3bc.pdf",
		"text": "https://archive.orkl.eu/a49a264bfec121811308e00884dd90c25522d3bc.txt",
		"img": "https://archive.orkl.eu/a49a264bfec121811308e00884dd90c25522d3bc.jpg"
	}
}