Merge pull request #120 from Delta-Sierra/master

update tool galaxy
Alexandre Dulaunoy 2017-11-21 06:47:16 +01:00 committed by GitHub
commit 198240fdff
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -10,7 +10,7 @@
], ],
"description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.", "description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.",
"uuid": "0d821b68-9d82-4c6d-86a6-1071a9e0f79f", "uuid": "0d821b68-9d82-4c6d-86a6-1071a9e0f79f",
"version": 36, "version": 37,
"values": [ "values": [
{ {
"meta": { "meta": {
@ -3038,6 +3038,39 @@
"https://www.us-cert.gov/ncas/alerts/TA17-318B" "https://www.us-cert.gov/ncas/alerts/TA17-318B"
] ]
} }
},
{
"value": "Nymaim",
"description": "Nymaim is a 2-year-old strain of malware most closely associated with ransomware. We have seen recent attacks spreading it using an established email marketing service provider to avoid blacklists and detection tools. But instead of ransomware, the malware is now being used to distribute banking Trojans",
"meta": {
"refs": [
"https://www.proofpoint.com/us/what-old-new-again-nymaim-moves-past-its-ransomware-roots-0"
]
}
},
{
"value": "GootKit",
"description": "As was the case earlier, the bot Gootkit is written in NodeJS, and is downloaded to a victim computer via a chain of downloaders. The main purpose of the bot also remained the same to steal banking data. The new Gootkit version, detected in September, primarily targets clients of European banks, including those in Germany, France, Italy, the Netherlands, Poland, etc.",
"meta": {
"refs": [
"https://securelist.com/inside-the-gootkit-cc-server/76433/",
"https://securityintelligence.com/gootkit-bobbing-and-weaving-to-avoid-prying-eyes/",
"https://securityintelligence.com/gootkit-launches-redirection-attacks-in-the-uk/",
"https://www.symantec.com/security_response/writeup.jsp?docid=2010-051118-0604-99"
],
"synonyms": [
"Gootkit"
]
}
},
{
"value": "Agent Tesla",
"description": "Agent Tesla is modern powerful keystroke logger. It provides monitoring your personel computer via keyboard and screenshot. Keyboard, screenshot and registered passwords are sent in log. You can receive your logs via e-mail, ftp or php(web panel). ",
"meta": {
"refs": [
"https://www.agenttesla.com/"
]
}
} }
] ]
} }
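Review bot: The `Agent Tesla` entry added in the second hunk uses the vendor's own second-person sales copy as its description ("You can receive your logs via e-mail, ftp or php(web panel)"), with a typo (`personel`) and a trailing space. Its only ref is the vendor site, so an analyst pivoting from this cluster gets no independent analysis. A neutral wording built from the same facts would be `"description": "Agent Tesla is a keystroke logger that captures keystrokes, screenshots and stored passwords and delivers the logs to its operator via e-mail, FTP or a PHP web panel."`, ideally with a third-party write-up added to `refs`. The `Nymaim` description has a similar problem: "2-year-old strain" and "We have seen recent attacks" are first-person and time-relative, so they go stale as soon as the cluster is published, and the sentence lacks a final period. In `GootKit`, the synonym `Gootkit` differs from `value` only by case; if consumers match tool names case-insensitively (not visible from this hunk) it is redundant.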