MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-22 14:57:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

[threat-actors] Add Storm-1113

Browse source
This commit is contained in:
Mathieu4141 2024-01-08 05:23:29 -08:00
parent ce4be94d8b
commit 2c7adf27a0
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
clusters/threat-actor.json
View file

@ -13940,6 +13940,16 @@
},
"uuid": "7b8845d9-d7f5-4895-9dcc-54da3492bd55",
"value": "KelvinSecurity"
},
{
"description": "Storm-1113 is a threat actor that acts both as an access broker focused on malware distribution through search advertisements and as an “as-a-service” entity providing malicious installers and landing page frameworks. In Storm-1113 malware distribution campaigns, users are directed to landing pages mimicking well-known software that host installers, often MSI files, that lead to the installation of malicious payloads. Storm-1113 is also the developer of EugenLoader, a commodity malware first observed around November 2022.",
"meta": {
"refs": [
"https://www.microsoft.com/en-us/security/blog/2023/12/28/financially-motivated-threat-actors-misusing-app-installer/"
]
},
"uuid": "993e81e8-63f4-4666-9538-4053a69287ba",
"value": "Storm-1113"
}
],
"version": 296