MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-22 23:07:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Explosive malware added

Browse source
This commit is contained in:
Alexandre Dulaunoy 2016-11-07 16:17:09 +01:00
parent 0363dc607b
commit 1b92f13c93
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
clusters/tools.json
View file

@ -616,6 +616,11 @@
"value": "Empire",
"description": "Empire is a pure PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework",
"refs": ["https://github.com/adaptivethreat/Empire"]
},
{
"value": "Explosive",
"description": "Beginning in late 2012, a carefully orchestrated attack campaign we call Volatile Cedar has been targeting individuals, companies and institutions worldwide. This campaign, led by a persistent attacker group, has successfully penetrated a large number of targets using various attack techniques, and specifically, a custom-made malware implant codenamed Explosive. ",
"refs": ["https://www.checkpoint.com/downloads/volatile-cedar-technical-report.pdf"]
}
],
"version": 2,