mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
add Rovnix
This commit is contained in:
parent
e4b95abce3
commit
1a18ffb3eb
1 changed files with 14 additions and 1 deletions
|
@ -11,7 +11,7 @@
|
|||
],
|
||||
"description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.",
|
||||
"uuid": "0d821b68-9d82-4c6d-86a6-1071a9e0f79f",
|
||||
"version": 62,
|
||||
"version": 63,
|
||||
"values": [
|
||||
{
|
||||
"meta": {
|
||||
|
@ -4126,6 +4126,19 @@
|
|||
]
|
||||
},
|
||||
"uuid": "8c0a7e1e-3cc4-11e8-8f03-2f71e72f737b"
|
||||
},
|
||||
{
|
||||
"value": "Rovnix",
|
||||
"description": "We recently found that the malware family ROVNIX is capable of being distributed via macro downloader. This malware technique was previously seen in the DRIDEX malware, which was notable for using the same routines. DRIDEX is also known as the successor of the banking malware CRIDEX.",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://blog.trendmicro.com/trendlabs-security-intelligence/rovnix-infects-systems-with-password-protected-macros/"
|
||||
],
|
||||
"synonyms": [
|
||||
"ROVNIX"
|
||||
]
|
||||
},
|
||||
"uuid": "a4036a28-3d94-11e8-ad9f-97ada3c6d5fb"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue