Merge pull request #273 from Delta-Sierra/master

update synonyms & attributions
This commit is contained in:
Alexandre Dulaunoy 2018-10-04 11:17:19 +02:00 committed by GitHub
commit 276992f180
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 16 additions and 3 deletions

View file

@ -2069,9 +2069,11 @@
"APT 28", "APT 28",
"APT28", "APT28",
"Pawn Storm", "Pawn Storm",
"PawnStorm",
"Fancy Bear", "Fancy Bear",
"Sednit", "Sednit",
"TsarTeam", "TsarTeam",
"Tsar Team",
"TG-4127", "TG-4127",
"Group-4127", "Group-4127",
"STRONTIUM", "STRONTIUM",
@ -4620,7 +4622,8 @@
"Islamic State Hacking Division", "Islamic State Hacking Division",
"CCA", "CCA",
"United Cyber Caliphate", "United Cyber Caliphate",
"UUC" "UUC",
"CyberCaliphate"
] ]
}, },
"uuid": "76f6ad4e-2ff3-4ccb-b81d-18162f290af0", "uuid": "76f6ad4e-2ff3-4ccb-b81d-18162f290af0",
@ -5917,5 +5920,5 @@
] ]
} }
], ],
"version": 68 "version": 69
} }

View file

@ -5863,7 +5863,17 @@
"type": "similar" "type": "similar"
} }
] ]
},
{
"value": "ZEBROCY",
"description": "ZEBROCY is a tool used by APT28, which has been observed since late 2015. The communications module used by ZEBROCY transmits using HTTP. The implant has key logging and file exfiltration functionality and utilises a file collection capability that identifies files with particular extensions.",
"meta": {
"refs": [
"https://www.ncsc.gov.uk/alerts/indicators-compromise-malware-used-apt28"
]
},
"uuid": "8a2ae47a-c7b2-11e8-b223-ab4d8f78f3ef"
} }
], ],
"version": 90 "version": 91
} }