mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-22 23:07:19 +00:00
add relationships on Mirai
parent
f7e10cb38d
commit
29beb01dc3
2 changed files with 90 additions and 3 deletions
|
@ -591,6 +591,20 @@
|
|||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "similar"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "f24ad5ca-04c5-4cd0-bd72-209ebce4fdbc",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "variant-of"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "025ab0ce-bffc-11e8-be19-d70ec22c5d56",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "variant-of"
|
||||
}
|
||||
],
|
||||
"uuid": "fcdfd4af-da35-49a8-9610-19be8a487185",
|
||||
|
@ -684,15 +698,38 @@
|
|||
"value": "Mettle"
|
||||
},
|
||||
{
|
||||
"description": "IoT botnet, Mirai variant that has added three exploits to its arsenal. After a successful exploit, this bot downloads its payload, Owari bot - another Mirai variant - or Omni bot.",
|
||||
"description": "IoT botnet, Mirai variant that has added three exploits to its arsenal. After a successful exploit, this bot downloads its payload, Owari bot - another Mirai variant - or Omni bot. Author is called WICKED",
|
||||
"meta": {
|
||||
"date": "2018",
|
||||
"refs": [
|
||||
"https://www.fortinet.com/blog/threat-research/a-wicked-family-of-bots.html"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
{
|
||||
"dest-uuid": "fcdfd4af-da35-49a8-9610-19be8a487185",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "variant-of"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "dcbf1aaa-1fdd-4bfc-a35e-145ffdfb5ac5",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "variant-of"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "025ab0ce-bffc-11e8-be19-d70ec22c5d56",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "variant-of"
|
||||
}
|
||||
],
|
||||
"uuid": "f24ad5ca-04c5-4cd0-bd72-209ebce4fdbc",
|
||||
"value": "WICKED"
|
||||
"value": "Owari"
|
||||
},
|
||||
{
|
||||
"description": "Brain Food is usually the second step in a chain of redirections, its PHP code is polymorphic and obfuscated with multiple layers of base64 encoding. Backdoor functionalities are also embedded in the code allowing remote execution of shell code on web servers which are configured to allow the PHP 'system' command.",
|
||||
|
@ -813,7 +850,43 @@
|
|||
]
|
||||
},
|
||||
"uuid": "40795af6-b721-11e8-9fcb-570c0b384135"
|
||||
},
|
||||
{
|
||||
"value": "Sora",
|
||||
"description": "Big changes on the IoT malware scene. Security researchers have spotted a version of the Mirai IoT malware that can run on a vast range of architectures, and even on Android devices. This Mirai malware strain is called Sora, a strain that was first spotted at the start of the year.Initial versions were nothing out of the ordinary, and Sora's original author soon moved on to developing the Mirai Owari version, shortly after Sora's creation.",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://www.bleepingcomputer.com/news/security/mirai-iot-malware-uses-aboriginal-linux-to-target-multiple-platforms/"
|
||||
],
|
||||
"synonyms": [
|
||||
"Mirai Sora"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
{
|
||||
"dest-uuid": "fcdfd4af-da35-49a8-9610-19be8a487185",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "variant-of"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "dcbf1aaa-1fdd-4bfc-a35e-145ffdfb5ac5",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "variant-of"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "f24ad5ca-04c5-4cd0-bd72-209ebce4fdbc",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "variant-of"
|
||||
}
|
||||
],
|
||||
"uuid": "025ab0ce-bffc-11e8-be19-d70ec22c5d56"
|
||||
}
|
||||
],
|
||||
"version": 11
|
||||
"version": 12
|
||||
}
|
||||
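Review bot: The two `"type": "variant-of"` objects added to the `related` list of uuid `fcdfd4af-da35-49a8-9610-19be8a487185` (presumably the Mirai entry, going by the commit title) run from the parent family to its offshoots, so a graph consumer reads them as "Mirai is a variant of" `f24ad5ca-04c5-4cd0-bd72-209ebce4fdbc` and `025ab0ce-bffc-11e8-be19-d70ec22c5d56`. The same inverted pair is added to the `related` list of uuid `dcbf1aaa-1fdd-4bfc-a35e-145ffdfb5ac5` in the second file's hunk. The new Sora entry and the `f24ad5ca-…` entry also declare `variant-of` toward each other, which cannot both hold as lineage. I would keep `variant-of` only on the derived entry and use the `"type": "similar"` already present in that list for the reverse link, or drop the reverse link. Separately, in the `@ -684` hunk the entry's `value` appears to switch between `"WICKED"` and `"Owari"`, while its description still says the bot downloads Owari as its payload; if `"Owari"` is the new value, the name and description disagree and should be reconciled before analysts pivot on it.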
|
|
|
@ -2387,6 +2387,20 @@
|
|||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "similar"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "f24ad5ca-04c5-4cd0-bd72-209ebce4fdbc",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "variant-of"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "025ab0ce-bffc-11e8-be19-d70ec22c5d56",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "variant-of"
|
||||
}
|
||||
],
|
||||
"uuid": "dcbf1aaa-1fdd-4bfc-a35e-145ffdfb5ac5",
|
||||
|
|