mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-30 02:37:17 +00:00
guuid & + VenomKit
This commit is contained in:
parent
6c7d0f8684
commit
178d5219c7
1 changed files with 115 additions and 66 deletions
|
@ -12,14 +12,16 @@
|
||||||
"Stegano EK"
|
"Stegano EK"
|
||||||
],
|
],
|
||||||
"status": "Active"
|
"status": "Active"
|
||||||
}
|
},
|
||||||
|
"uuid": "e9ca60cd-94fc-4a54-ac98-30e675a46b3e"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Bingo",
|
"value": "Bingo",
|
||||||
"description": "Bingo EK is the name chosen by the defense for a Fiesta-ish EK first spotted in March 2017 and targetting at that times mostly Russia",
|
"description": "Bingo EK is the name chosen by the defense for a Fiesta-ish EK first spotted in March 2017 and targetting at that times mostly Russia",
|
||||||
"meta": {
|
"meta": {
|
||||||
"status": "Active"
|
"status": "Active"
|
||||||
}
|
},
|
||||||
|
"uuid": "9e864c01-3d9e-4b8d-811e-46471ff866e9"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Terror EK",
|
"value": "Terror EK",
|
||||||
|
@ -33,7 +35,8 @@
|
||||||
"Neptune EK"
|
"Neptune EK"
|
||||||
],
|
],
|
||||||
"status": "Active"
|
"status": "Active"
|
||||||
}
|
},
|
||||||
|
"uuid": "f15f9264-854e-4e25-8641-cde2faeb86e9"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "DealersChoice",
|
"value": "DealersChoice",
|
||||||
|
@ -48,7 +51,8 @@
|
||||||
"Sednit RTF EK"
|
"Sednit RTF EK"
|
||||||
],
|
],
|
||||||
"status": "Active"
|
"status": "Active"
|
||||||
}
|
},
|
||||||
|
"uuid": "0f116533-a755-4cfc-815a-fa6bcb85efb7"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "DNSChanger",
|
"value": "DNSChanger",
|
||||||
|
@ -62,7 +66,8 @@
|
||||||
"RouterEK"
|
"RouterEK"
|
||||||
],
|
],
|
||||||
"status": "Active"
|
"status": "Active"
|
||||||
}
|
},
|
||||||
|
"uuid": "74fb6a14-1279-4a5b-939a-76478d36d3e1"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Disdain",
|
"value": "Disdain",
|
||||||
|
@ -72,7 +77,8 @@
|
||||||
"http://blog.trendmicro.com/trendlabs-security-intelligence/new-disdain-exploit-kit-detected-wild/"
|
"http://blog.trendmicro.com/trendlabs-security-intelligence/new-disdain-exploit-kit-detected-wild/"
|
||||||
],
|
],
|
||||||
"status": "Active"
|
"status": "Active"
|
||||||
}
|
},
|
||||||
|
"uuid": "1ded776d-6772-4cc8-a27f-f61e24a58d96"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Kaixin",
|
"value": "Kaixin",
|
||||||
|
@ -86,7 +92,8 @@
|
||||||
"CK vip"
|
"CK vip"
|
||||||
],
|
],
|
||||||
"status": "Active"
|
"status": "Active"
|
||||||
}
|
},
|
||||||
|
"uuid": "e6c1cfcf-3e37-4f5a-9494-989dd8c43d88"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Magnitude",
|
"value": "Magnitude",
|
||||||
|
@ -103,7 +110,8 @@
|
||||||
"TopExp"
|
"TopExp"
|
||||||
],
|
],
|
||||||
"status": "Active"
|
"status": "Active"
|
||||||
}
|
},
|
||||||
|
"uuid": "6a313e11-5bb2-40ed-8cde-9de768b783b1"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "MWI",
|
"value": "MWI",
|
||||||
|
@ -114,9 +122,10 @@
|
||||||
"https://www.sophos.com/en-us/medialibrary/PDFs/technical%20papers/sophos-microsoft-word-intruder-revealed.pdf"
|
"https://www.sophos.com/en-us/medialibrary/PDFs/technical%20papers/sophos-microsoft-word-intruder-revealed.pdf"
|
||||||
],
|
],
|
||||||
"status": "Active"
|
"status": "Active"
|
||||||
}
|
},
|
||||||
|
"uuid": "489acbf2-d80b-4bb5-ac7d-c8573dcb6324"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "ThreadKit",
|
"value": "ThreadKit",
|
||||||
"description": "ThreadKit is the name given to a widely used Microsoft Office document exploit builder kit that appeared in June 2017",
|
"description": "ThreadKit is the name given to a widely used Microsoft Office document exploit builder kit that appeared in June 2017",
|
||||||
"meta": {
|
"meta": {
|
||||||
|
@ -124,7 +133,19 @@
|
||||||
"https://www.proofpoint.com/us/threat-insight/post/unraveling-ThreadKit-new-document-exploit-builder-distribute-The-Trick-Formbook-Loki-Bot-malware"
|
"https://www.proofpoint.com/us/threat-insight/post/unraveling-ThreadKit-new-document-exploit-builder-distribute-The-Trick-Formbook-Loki-Bot-malware"
|
||||||
],
|
],
|
||||||
"status": "Active"
|
"status": "Active"
|
||||||
}
|
},
|
||||||
|
"uuid": "b8be783c-69a8-11e8-adc0-fa7ae01bbebc"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "VenomKit",
|
||||||
|
"description": "VenomKit is the name given to a kit sold since april 2017 as \"Word 1day exploit builder\" by user badbullzvenom. Author allows only use in targeted campaign. Is used for instance by the \"Cobalt Gang\"",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
""
|
||||||
|
],
|
||||||
|
"status": "Active"
|
||||||
|
},
|
||||||
|
"uuid": "b8be7af8-69a8-11e8-adc0-fa7ae01bbebc"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "RIG",
|
"value": "RIG",
|
||||||
|
@ -143,7 +164,8 @@
|
||||||
"Meadgive"
|
"Meadgive"
|
||||||
],
|
],
|
||||||
"status": "Active"
|
"status": "Active"
|
||||||
}
|
},
|
||||||
|
"uuid": "0545e5c0-ed0d-4a02-a69d-31e9e2b31e8a"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Sednit EK",
|
"value": "Sednit EK",
|
||||||
|
@ -157,7 +179,8 @@
|
||||||
"SedKit"
|
"SedKit"
|
||||||
],
|
],
|
||||||
"status": "Active"
|
"status": "Active"
|
||||||
}
|
},
|
||||||
|
"uuid": "c8b9578a-78be-420c-a29b-9214d09685c8"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Sundown-P",
|
"value": "Sundown-P",
|
||||||
|
@ -171,7 +194,8 @@
|
||||||
"CaptainBlack"
|
"CaptainBlack"
|
||||||
],
|
],
|
||||||
"status": "Active"
|
"status": "Active"
|
||||||
}
|
},
|
||||||
|
"uuid": "3235ae90-598b-45dc-b336-852817b271a8"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Bizarro Sundown",
|
"value": "Bizarro Sundown",
|
||||||
|
@ -185,7 +209,8 @@
|
||||||
"Sundown-b"
|
"Sundown-b"
|
||||||
],
|
],
|
||||||
"status": "Retired"
|
"status": "Retired"
|
||||||
}
|
},
|
||||||
|
"uuid": "ef3b170e-3fbe-420b-b202-4689da137c50"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Hunter",
|
"value": "Hunter",
|
||||||
|
@ -198,7 +223,8 @@
|
||||||
"3ROS Exploit Kit"
|
"3ROS Exploit Kit"
|
||||||
],
|
],
|
||||||
"status": "Retired - Last seen 2017-02-06"
|
"status": "Retired - Last seen 2017-02-06"
|
||||||
}
|
},
|
||||||
|
"uuid": "96b2b31e-b191-43c4-9929-48ba1cbee62c"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "GreenFlash Sundown",
|
"value": "GreenFlash Sundown",
|
||||||
|
@ -211,7 +237,8 @@
|
||||||
"Sundown-GF"
|
"Sundown-GF"
|
||||||
],
|
],
|
||||||
"status": "Active"
|
"status": "Active"
|
||||||
}
|
},
|
||||||
|
"uuid": "6e5c0dbb-fb0b-45ea-ac6c-bb6d8324bbd2"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Angler",
|
"value": "Angler",
|
||||||
|
@ -228,7 +255,8 @@
|
||||||
"Axpergle"
|
"Axpergle"
|
||||||
],
|
],
|
||||||
"status": "Retired - Last seen: 2016-06-07"
|
"status": "Retired - Last seen: 2016-06-07"
|
||||||
}
|
},
|
||||||
|
"uuid": "5daf41c7-b297-4228-85d1-eb040d5b7c90"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Archie",
|
"value": "Archie",
|
||||||
|
@ -238,7 +266,8 @@
|
||||||
"https://www.alienvault.com/blogs/labs-research/archie-just-another-exploit-kit"
|
"https://www.alienvault.com/blogs/labs-research/archie-just-another-exploit-kit"
|
||||||
],
|
],
|
||||||
"status": "Retired"
|
"status": "Retired"
|
||||||
}
|
},
|
||||||
|
"uuid": "2756caae-d2c5-4170-9e76-2b7f1b1fccb1"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "BlackHole",
|
"value": "BlackHole",
|
||||||
|
@ -252,7 +281,8 @@
|
||||||
"BHEK"
|
"BHEK"
|
||||||
],
|
],
|
||||||
"status": "Retired - Last seen: 2013-10-07"
|
"status": "Retired - Last seen: 2013-10-07"
|
||||||
}
|
},
|
||||||
|
"uuid": "e6201dc3-01a7-40c5-ba72-02fa470ada53"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Bleeding Life",
|
"value": "Bleeding Life",
|
||||||
|
@ -267,7 +297,8 @@
|
||||||
"BL2"
|
"BL2"
|
||||||
],
|
],
|
||||||
"status": "Retired"
|
"status": "Retired"
|
||||||
}
|
},
|
||||||
|
"uuid": "5abe6240-dce2-4455-8125-ddae2e651243"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Cool",
|
"value": "Cool",
|
||||||
|
@ -283,7 +314,8 @@
|
||||||
"Styxy Cool"
|
"Styxy Cool"
|
||||||
],
|
],
|
||||||
"status": "Retired - Last seen: 2013-10-07"
|
"status": "Retired - Last seen: 2013-10-07"
|
||||||
}
|
},
|
||||||
|
"uuid": "9bb229b0-80f9-48e5-b8fb-00ee7af070cb"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Fiesta",
|
"value": "Fiesta",
|
||||||
|
@ -298,7 +330,8 @@
|
||||||
"Fiexp"
|
"Fiexp"
|
||||||
],
|
],
|
||||||
"status": "Retired - Last Seen: beginning of 2015-07"
|
"status": "Retired - Last Seen: beginning of 2015-07"
|
||||||
}
|
},
|
||||||
|
"uuid": "f50f860a-d795-4f4e-a170-8190f65499ad"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Empire",
|
"value": "Empire",
|
||||||
|
@ -311,7 +344,8 @@
|
||||||
"RIG-E"
|
"RIG-E"
|
||||||
],
|
],
|
||||||
"status": "Retired - Last seen: 2016-12-29"
|
"status": "Retired - Last seen: 2016-12-29"
|
||||||
}
|
},
|
||||||
|
"uuid": "6eb15569-4ddd-4820-9a44-7bca5b303b86"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "FlashPack",
|
"value": "FlashPack",
|
||||||
|
@ -328,17 +362,8 @@
|
||||||
"Vintage Pack"
|
"Vintage Pack"
|
||||||
],
|
],
|
||||||
"status": "Retired - Last seen: middle of 2015-04"
|
"status": "Retired - Last seen: middle of 2015-04"
|
||||||
}
|
},
|
||||||
},
|
"uuid": "55a30ccc-8905-4af2-a498-5c0010815cc1"
|
||||||
{
|
|
||||||
"value": "Glazunov",
|
|
||||||
"description": "Glazunov is an exploit kit mainly seen behind compromised website in 2012 and 2013. Glazunov compromission is likely the ancestor activity of what became EITest in July 2014. Sibhost and Flimkit later shown similarities with this Exploit Kit",
|
|
||||||
"meta": {
|
|
||||||
"refs": [
|
|
||||||
"https://nakedsecurity.sophos.com/2013/06/24/taking-a-closer-look-at-the-glazunov-exploit-kit/"
|
|
||||||
],
|
|
||||||
"status": "Retired - Last seen: maybe end of 2013"
|
|
||||||
}
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "GrandSoft",
|
"value": "GrandSoft",
|
||||||
|
@ -354,7 +379,8 @@
|
||||||
"SofosFO"
|
"SofosFO"
|
||||||
],
|
],
|
||||||
"status": "Active"
|
"status": "Active"
|
||||||
}
|
},
|
||||||
|
"uuid": "180b6969-2aca-4642-b684-b57db8f0eff8"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "HanJuan",
|
"value": "HanJuan",
|
||||||
|
@ -367,7 +393,8 @@
|
||||||
"https://twitter.com/kafeine/status/562575744501428226"
|
"https://twitter.com/kafeine/status/562575744501428226"
|
||||||
],
|
],
|
||||||
"status": "Retired - Last seen: 2015-07"
|
"status": "Retired - Last seen: 2015-07"
|
||||||
}
|
},
|
||||||
|
"uuid": "886abdc6-db1a-4fc5-afe0-e17d65a83614"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Himan",
|
"value": "Himan",
|
||||||
|
@ -380,7 +407,8 @@
|
||||||
"High Load"
|
"High Load"
|
||||||
],
|
],
|
||||||
"status": "Retired - Last seen: 2014-04"
|
"status": "Retired - Last seen: 2014-04"
|
||||||
}
|
},
|
||||||
|
"uuid": "3d0cb558-7f04-4be8-963e-5f137566b07b"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Impact",
|
"value": "Impact",
|
||||||
|
@ -390,7 +418,8 @@
|
||||||
"http://malware.dontneedcoffee.com/2012/12/inside-impact-exploit-kit-back-on-track.html"
|
"http://malware.dontneedcoffee.com/2012/12/inside-impact-exploit-kit-back-on-track.html"
|
||||||
],
|
],
|
||||||
"status": "Retired"
|
"status": "Retired"
|
||||||
}
|
},
|
||||||
|
"uuid": "319357b4-3041-4a71-89c5-51be08041d1b"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Infinity",
|
"value": "Infinity",
|
||||||
|
@ -405,7 +434,8 @@
|
||||||
"Goon"
|
"Goon"
|
||||||
],
|
],
|
||||||
"status": "Retired - Last seen: 2014-07"
|
"status": "Retired - Last seen: 2014-07"
|
||||||
}
|
},
|
||||||
|
"uuid": "4b858835-7b31-4b94-8144-b5175da1551f"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Lightsout",
|
"value": "Lightsout",
|
||||||
|
@ -417,7 +447,8 @@
|
||||||
"http://malwageddon.blogspot.fr/2013/09/unknown-ek-by-way-how-much-is-fish.html"
|
"http://malwageddon.blogspot.fr/2013/09/unknown-ek-by-way-how-much-is-fish.html"
|
||||||
],
|
],
|
||||||
"status": "Unknown - Last seen: 2014-03"
|
"status": "Unknown - Last seen: 2014-03"
|
||||||
}
|
},
|
||||||
|
"uuid": "244c05f8-1a2f-47fb-9dcf-2eaa99ab6aa1"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Nebula",
|
"value": "Nebula",
|
||||||
|
@ -427,7 +458,8 @@
|
||||||
"http://malware.dontneedcoffee.com/2017/03/nebula-exploit-kit.html"
|
"http://malware.dontneedcoffee.com/2017/03/nebula-exploit-kit.html"
|
||||||
],
|
],
|
||||||
"status": "Retired - Last seen 2017-03-09"
|
"status": "Retired - Last seen 2017-03-09"
|
||||||
}
|
},
|
||||||
|
"uuid": "4ca96067-8fdd-4b48-bd34-d2e175e27bad"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Neutrino",
|
"value": "Neutrino",
|
||||||
|
@ -443,7 +475,8 @@
|
||||||
"Neutrino-v"
|
"Neutrino-v"
|
||||||
],
|
],
|
||||||
"status": "Retired - Last seen 2017-04-10"
|
"status": "Retired - Last seen 2017-04-10"
|
||||||
}
|
},
|
||||||
|
"uuid": "218ae39b-2f92-4355-91c6-50cce319d26d"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Niteris",
|
"value": "Niteris",
|
||||||
|
@ -457,7 +490,8 @@
|
||||||
"CottonCastle"
|
"CottonCastle"
|
||||||
],
|
],
|
||||||
"status": "Unknown - Last seen: 2015-11"
|
"status": "Unknown - Last seen: 2015-11"
|
||||||
}
|
},
|
||||||
|
"uuid": "b344133f-e223-4fda-8fb2-88ad7999e549"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Nuclear",
|
"value": "Nuclear",
|
||||||
|
@ -473,7 +507,8 @@
|
||||||
"Neclu"
|
"Neclu"
|
||||||
],
|
],
|
||||||
"status": "Retired - Last seen: 2015-04-30"
|
"status": "Retired - Last seen: 2015-04-30"
|
||||||
}
|
},
|
||||||
|
"uuid": "e7c516f9-5222-4f0d-b80b-ae9f4c24583d"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Phoenix",
|
"value": "Phoenix",
|
||||||
|
@ -487,7 +522,8 @@
|
||||||
"PEK"
|
"PEK"
|
||||||
],
|
],
|
||||||
"status": "Retired"
|
"status": "Retired"
|
||||||
}
|
},
|
||||||
|
"uuid": "0df2c7a6-046f-4489-8c77-0999c92c839d"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Private Exploit Pack",
|
"value": "Private Exploit Pack",
|
||||||
|
@ -501,7 +537,8 @@
|
||||||
"PEP"
|
"PEP"
|
||||||
],
|
],
|
||||||
"status": "Retired"
|
"status": "Retired"
|
||||||
}
|
},
|
||||||
|
"uuid": "cfd0a4af-f559-496f-b56b-97145ea4e4c3"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Redkit",
|
"value": "Redkit",
|
||||||
|
@ -513,7 +550,8 @@
|
||||||
"https://nakedsecurity.sophos.com/2013/05/09/redkit-exploit-kit-part-2/"
|
"https://nakedsecurity.sophos.com/2013/05/09/redkit-exploit-kit-part-2/"
|
||||||
],
|
],
|
||||||
"status": "Retired"
|
"status": "Retired"
|
||||||
}
|
},
|
||||||
|
"uuid": "6958ff90-75e8-47ee-ab07-daa8d487130c"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Sakura",
|
"value": "Sakura",
|
||||||
|
@ -523,19 +561,25 @@
|
||||||
"http://www.xylibox.com/2012/01/sakura-exploit-pack-10.html"
|
"http://www.xylibox.com/2012/01/sakura-exploit-pack-10.html"
|
||||||
],
|
],
|
||||||
"status": "Retired - Last seen: 2013-09"
|
"status": "Retired - Last seen: 2013-09"
|
||||||
}
|
},
|
||||||
|
"uuid": "12af9112-3ac5-4422-858e-a22c293c6117"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "SPL",
|
||||||
|
"description": "SPL exploit kit was mainly seen in 2012/2013 most often associated with ZeroAccess and Scareware/FakeAV",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"http://www.malwaresigs.com/2012/12/05/spl-exploit-kit/"
|
||||||
|
],
|
||||||
|
"status": "Retired - Last seen: 2015-04",
|
||||||
|
"synonyms": [
|
||||||
|
"SPL_Data",
|
||||||
|
"SPLNet",
|
||||||
|
"SPL2"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "15936d30-c151-4051-835e-df327143ce76"
|
||||||
},
|
},
|
||||||
{
|
|
||||||
"value": "SPL",
|
|
||||||
"description": "SPL exploit kit was mainly seen in 2012/2013 most often associated with ZeroAccess and Scareware/FakeAV",
|
|
||||||
"meta": {
|
|
||||||
"refs": ["http://www.malwaresigs.com/2012/12/05/spl-exploit-kit/"],
|
|
||||||
"status": "Retired - Last seen: 2015-04",
|
|
||||||
"synonyms": ["SPL_Data",
|
|
||||||
"SPLNet",
|
|
||||||
"SPL2"],
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
{
|
||||||
"value": "Sundown",
|
"value": "Sundown",
|
||||||
"description": "Sundown Exploit Kit is mainly built out of stolen code from other exploit kits",
|
"description": "Sundown Exploit Kit is mainly built out of stolen code from other exploit kits",
|
||||||
|
@ -551,7 +595,8 @@
|
||||||
],
|
],
|
||||||
"status": "Retired - Last seen 2017-03-08",
|
"status": "Retired - Last seen 2017-03-08",
|
||||||
"colour": "#C03701"
|
"colour": "#C03701"
|
||||||
}
|
},
|
||||||
|
"uuid": "670e28c4-001a-4ba4-b276-441620225123"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Sweet-Orange",
|
"value": "Sweet-Orange",
|
||||||
|
@ -565,7 +610,8 @@
|
||||||
"Anogre"
|
"Anogre"
|
||||||
],
|
],
|
||||||
"status": "Retired - Last seen: 2015-04-05"
|
"status": "Retired - Last seen: 2015-04-05"
|
||||||
}
|
},
|
||||||
|
"uuid": "222bc508-4d8d-4972-9cac-65192cfefd43"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Styx",
|
"value": "Styx",
|
||||||
|
@ -577,7 +623,8 @@
|
||||||
"http://malware.dontneedcoffee.com/2013/05/inside-styx-2013-05.html"
|
"http://malware.dontneedcoffee.com/2013/05/inside-styx-2013-05.html"
|
||||||
],
|
],
|
||||||
"status": "Retired - Last seen: 2014-06"
|
"status": "Retired - Last seen: 2014-06"
|
||||||
}
|
},
|
||||||
|
"uuid": "006eaa87-e8a6-4808-93ff-302b52c628b0"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "WhiteHole",
|
"value": "WhiteHole",
|
||||||
|
@ -587,7 +634,8 @@
|
||||||
"http://malware.dontneedcoffee.com/2013/02/briefly-wave-whitehole-exploit-kit-hello.html"
|
"http://malware.dontneedcoffee.com/2013/02/briefly-wave-whitehole-exploit-kit-hello.html"
|
||||||
],
|
],
|
||||||
"status": "Retired - Last seen: 2013-12"
|
"status": "Retired - Last seen: 2013-12"
|
||||||
}
|
},
|
||||||
|
"uuid": "570bc715-7fe8-430b-bd2e-5512c95f2370"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "Unknown",
|
"value": "Unknown",
|
||||||
|
@ -598,10 +646,11 @@
|
||||||
"https://twitter.com/node5",
|
"https://twitter.com/node5",
|
||||||
"https://twitter.com/kahusecurity"
|
"https://twitter.com/kahusecurity"
|
||||||
]
|
]
|
||||||
}
|
},
|
||||||
|
"uuid": "00815961-3249-4e2e-9421-bb57feb73bb2"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 5,
|
"version": 7,
|
||||||
"uuid": "454f4e78-bd7c-11e6-a4a6-cec0c932ce01",
|
"uuid": "454f4e78-bd7c-11e6-a4a6-cec0c932ce01",
|
||||||
"description": "Exploit-Kit is an enumeration of some exploitation kits used by adversaries. The list includes document, browser and router exploit kits.It's not meant to be totally exhaustive but aim at covering the most seen in the past 5 years",
|
"description": "Exploit-Kit is an enumeration of some exploitation kits used by adversaries. The list includes document, browser and router exploit kits.It's not meant to be totally exhaustive but aim at covering the most seen in the past 5 years",
|
||||||
"authors": [
|
"authors": [
|
||||||
|
|
Loading…
Reference in a new issue