add Winnti related tools etc.

Deborah Servili 2019-10-31 10:36:15 +01:00
parent 88025a541f
commit 0a8f989e1c
No known key found for this signature in database
GPG key ID: 7E3A832850D4D7D1
2 changed files with 18 additions and 4 deletions


@ -671,8 +671,12 @@
"https://www.crowdstrike.com/blog/meet-crowdstrikes-adversary-of-the-month-for-july-wicked-spider/" "https://www.crowdstrike.com/blog/meet-crowdstrikes-adversary-of-the-month-for-july-wicked-spider/"
], ],
"synonyms": [ "synonyms": [
"Winnti Umbrella"
"Winnti Group", "Winnti Group",
"Tailgater Team", "Tailgater Team",
"Suckfly"
"APT41",
"APT 41"
"Group 72", "Group 72",
"Group72", "Group72",
"Tailgater", "Tailgater",
@ -7756,5 +7760,5 @@
"value": "Operation Soft Cell" "value": "Operation Soft Cell"
} }
], ],
"version": 136 "version": 137
} }
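Review bot: The added synonyms `"Winnti Umbrella"`, `"Suckfly"` and `"APT 41"` in the first hunk have no trailing comma although more array elements follow them, so the new side of this file is not valid JSON and a strict parser will reject the whole cluster file rather than just this entry. Each of the three lines should end with a comma: `"Winnti Umbrella",`, `"Suckfly",`, `"APT 41",`. The `synonyms` array starts and ends outside the hunk, so the new names should also be checked against the entries not shown to avoid duplicates. Running the file through a strict parser (for example `jq .` or `python -m json.tool`) before bumping `"version"` would catch this.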


@ -663,7 +663,9 @@
"synonyms": [ "synonyms": [
"Etso", "Etso",
"SUQ", "SUQ",
"Agent.ALQHI" "Agent.ALQHI",
"RbDoor",
"RibDoor","HIGHNOON"
], ],
"type": [ "type": [
"Backdoor" "Backdoor"
@ -5352,7 +5354,8 @@
"meta": { "meta": {
"refs": [ "refs": [
"https://cdn.securelist.com/files/2017/08/ShadowPad_technical_description_PDF.pdf" "https://cdn.securelist.com/files/2017/08/ShadowPad_technical_description_PDF.pdf"
] ],
"synonyms":[ "POISONPLUG", "Barlaiy"]
}, },
"related": [ "related": [
{ {
@ -7859,7 +7862,14 @@
"description": "Legitimate tool - tool used to scan IPv4/IPv6 networks and remotely execute PowerShell commands.", "description": "Legitimate tool - tool used to scan IPv4/IPv6 networks and remotely execute PowerShell commands.",
"uuid": "bbba3a35-5064-4e60-ad4b-0ba16cc81a23", "uuid": "bbba3a35-5064-4e60-ad4b-0ba16cc81a23",
"value": "Netscan" "value": "Netscan"
},
{
"value":"ShadowHammer",
"description": "Malware embedded in Asus Live Update in 2018. ShadowHammer triggers its malicious behavior only if the computer it is running on has a network adapter with the MAC address whitelisted by the attacker.",
"meta": {
"refs": ["https://www.welivesecurity.com/wp-content/uploads/2019/10/ESET_Winnti.pdf"]
}
} }
], ],
"version": 126 "version": 127
} }
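Review bot: The new `ShadowHammer` object in the last hunk has no `"uuid"` key, while the `Netscan` entry directly above it carries one; presumably every cluster value in this file is expected to have a stable uuid so that other entries and downstream tooling can reference it. I would add a freshly generated one, `"uuid": "<NEW-UUID-V4-PLACEHOLDER>",`, and order the keys as the neighbouring entries do (description, meta, uuid, value). As a point of style, `"RibDoor","HIGHNOON"` and `"synonyms":[ "POISONPLUG", "Barlaiy"]` should be written one element per line with the same spacing as the surrounding arrays, which keeps later diffs of these synonym lists reviewable.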