mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
Merge pull request #67 from Delta-Sierra/master
add some rats and tools
This commit is contained in:
commit
3219d5de5c
2 changed files with 67 additions and 0 deletions
|
@ -720,6 +720,49 @@
|
|||
},
|
||||
"description": "Free, Open-Source Remote Administration Tool. xRAT 2.0 is a fast and light-weight Remote Administration Tool coded in C# (using .NET Framework 2.0).",
|
||||
"value": "xRAT"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"http://sakhackingarticles.blogspot.lu/2014/08/biodox-rat.html"
|
||||
]
|
||||
},
|
||||
"value": "Biodox"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://leakforums.net/thread-31386?tid=31386&&pq=1"
|
||||
]
|
||||
},
|
||||
"description": "Offense RAT is a free renote administration tool made in Delphi 9.",
|
||||
"value": "Offence"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://leakforums.net/thread-36962"
|
||||
]
|
||||
},
|
||||
"value": "Apocalypse"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://leakforums.net/thread-363920"
|
||||
]
|
||||
},
|
||||
"value": "JCage"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"http://malware.wikia.com/wiki/Nuclear_RAT",
|
||||
"http://www.nuclearwintercrew.com/Products-View/21/Nuclear_RAT_2.1.0/"
|
||||
]
|
||||
},
|
||||
"description": "Nuclear RAT (short for Nuclear Remote Administration Tool) is a backdoor trojan horse that infects Windows NT family systems (Windows 2000, XP, 2003).",
|
||||
"value": "Nuclear RAT"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
|
@ -2782,6 +2782,30 @@
|
|||
"http://researchcenter.paloaltonetworks.com/2017/05/unit42-kazuar-multiplatform-espionage-backdoor-api-access/"
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"description": "Many links indicate, that this bot is another product of the people previously involved in Dyreza. It seems to be rewritten from scratch – however, it contains many similar features and solutions to those we encountered analyzing Dyreza (read more).",
|
||||
"value": "Trick Bot",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://blog.malwarebytes.com/threat-analysis/2016/10/trick-bot-dyrezas-successor/",
|
||||
"https://blog.fraudwatchinternational.com/malware/trickbot-malware-works",
|
||||
"https://securityintelligence.com/trickbot-is-hand-picking-private-banks-for-targets-with-redirection-attacks-in-tow/"
|
||||
],
|
||||
"synonyms": [
|
||||
"TrickBot",
|
||||
"TrickLoader"
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"value": "Moneygram Adwind",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://myonlinesecurity.co.uk/new-guidelines-from-moneygram-malspam-delivers-a-brand-new-java-adwind-version/"
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
]
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue