MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-26 16:57:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

[threat-actors] Add REF5961

Browse source
This commit is contained in:
Mathieu4141 2023-11-06 05:26:26 -08:00
parent ee354d9d75
commit 18811f8056
1 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
clusters/threat-actor.json
View file

@ -12452,6 +12452,17 @@
}, },
"uuid": "cdcfd3e1-4e42-4746-b1f1-66d5ce27b4da", "uuid": "cdcfd3e1-4e42-4746-b1f1-66d5ce27b4da",
"value": "HiddenArt" "value": "HiddenArt"
},
{
"description": "Elastic's security team has published a report on REF5961, a cyber-espionage group they found on the network of a Foreign Affairs Ministry from a member of the Association of Southeast Asian Nations (ASEAN). Elastic says it found the group's tools next to the malware of another cyber-espionage group it tracks as REF2924. REF5961's arsenal includes malware such as EAGERBEE, RUDEBIRD, and DOWNTOWN.",
"meta": {
"refs": [
"https://www.elastic.co/security-labs/introducing-the-ref5961-intrusion-set",
"https://www.elastic.co/security-labs/disclosing-the-bloodalchemy-backdoor"
]
},
"uuid": "64234b2e-0c78-466d-8253-0df339f99f5f",
"value": "REF5961"
} }
], ],
"version": 289 "version": 289