MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-22 23:07:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

chg: [tool] Karkoff tool added

Browse source
This commit is contained in:
Alexandre Dulaunoy 2019-04-24 11:40:06 +02:00
parent e727a6eb63
commit 088e7477a6
Signed by: adulau
GPG key ID: 09E2CD4944E6CBCD
1 changed files with 11 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
clusters/tool.json
View file

@ -7630,7 +7630,17 @@
},
"uuid": "e1ca79ea-5628-4266-bb36-3892c7126ef4",
"value": "Brushaloader"
},
{
"uuid": "a9fc6d3d-09d5-45c3-a91e-e8c61ef37908",
"value": "Karkoff",
"meta": {
"refs": [
"https://blog.talosintelligence.com/2019/04/dnspionage-brings-out-karkoff.html"
]
},
"description": "In addition to increased reports of threat activity, we have also discovered new evidence that the threat actors behind the DNSpionage campaign continue to change their tactics, likely in an attempt to improve the efficacy of their operations. In February, we discovered some changes to the actors' tactics, techniques and procedures (TTPs), including the use of a new reconnaissance phase that selectively chooses which targets to infect with malware. In April 2019, we also discovered the actors using a new malware, which we are calling Karkoff."
}
],
"version": 116
"version": 117
}