mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
[threat-actors] Add Storm-1113
This commit is contained in:
parent
ce4be94d8b
commit
2c7adf27a0
1 changed files with 10 additions and 0 deletions
|
@ -13940,6 +13940,16 @@
|
||||||
},
|
},
|
||||||
"uuid": "7b8845d9-d7f5-4895-9dcc-54da3492bd55",
|
"uuid": "7b8845d9-d7f5-4895-9dcc-54da3492bd55",
|
||||||
"value": "KelvinSecurity"
|
"value": "KelvinSecurity"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Storm-1113 is a threat actor that acts both as an access broker focused on malware distribution through search advertisements and as an “as-a-service” entity providing malicious installers and landing page frameworks. In Storm-1113 malware distribution campaigns, users are directed to landing pages mimicking well-known software that host installers, often MSI files, that lead to the installation of malicious payloads. Storm-1113 is also the developer of EugenLoader, a commodity malware first observed around November 2022.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.microsoft.com/en-us/security/blog/2023/12/28/financially-motivated-threat-actors-misusing-app-installer/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "993e81e8-63f4-4666-9538-4053a69287ba",
|
||||||
|
"value": "Storm-1113"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 296
|
"version": 296
|
||||||
|
|
Loading…
Reference in a new issue