mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
commit
2a8214d88f
1 changed files with 31 additions and 1 deletions
|
@ -7916,6 +7916,36 @@
|
|||
"uuid": "a0736351-1721-42ed-a057-19b4b93b585e",
|
||||
"value": "NBTScan"
|
||||
},
|
||||
{
|
||||
"description": "ZeroCleare was used to execute a destructive attack that affected organizations in the energy and industrial sectorsin the Middle East. Based on the analysis of the malware and the attackers’ behavior, we suspect Iran-based nation state adversaries were involved to develop and deploy this new wiper. ",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://www.ibm.com/downloads/cas/OAJ4VZNJ"
|
||||
]
|
||||
},
|
||||
"uuid": "40fdcaac-a733-4088-9058-7b15a415b943",
|
||||
"value": "ZeroCleare"
|
||||
},
|
||||
{
|
||||
"description": "At the heart of the recent Bapco attack is a new strain of malware named Dustman. According to an analysis by Saudi Arabia's cyber-security agency, Dustman is a so-called data wiper -- malware designed to delete data on infected computers, once launched into execution.\nDustman represents the third different data-wiping malware linked to the Tehran regime. Iranian state-backed hackers have a long history of developing data-wiping malware.",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://mobile.twitter.com/IntezerLabs/status/1215252764080644098"
|
||||
]
|
||||
},
|
||||
"uuid": "ff692a4c-23ff-4e86-a03b-2de8d36bc98f",
|
||||
"value": "Dustman"
|
||||
},
|
||||
{
|
||||
"description": "This rootkit is a very simple. The name of the driver is “autochk.sys” - that’s why we’ll call it the autochk rootkit. The rootkit implements 2 functionalities: File Redirection and Network Connection Hiding.",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://repnz.github.io/posts/autochk-rootkit-analysis/"
|
||||
]
|
||||
},
|
||||
"uuid": "4a60dc72-1ca0-4503-a635-96e119c5278d",
|
||||
"value": "Autochk Rootkit"
|
||||
},
|
||||
{
|
||||
"description": "New trojan called Lampion has spread using template emails from the Portuguese Government Finance & Tax during the last days of 2019.",
|
||||
"meta": {
|
||||
|
@ -7937,5 +7967,5 @@
|
|||
"value": "LiquorBot"
|
||||
}
|
||||
],
|
||||
"version": 131
|
||||
"version": 132
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue