mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-30 02:37:17 +00:00
Update threat-actor.json
This commit is contained in:
parent
b978bb1c86
commit
3b67e745e5
1 changed files with 10 additions and 81 deletions
|
@ -2813,11 +2813,8 @@
|
|||
],
|
||||
"synonyms": [
|
||||
"CARBON SPIDER",
|
||||
"Carbon Spider",
|
||||
"GOLD NIAGARA",
|
||||
"Calcium",
|
||||
"Carbanak",
|
||||
"FIN 7"
|
||||
"Calcium"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
|
@ -2930,9 +2927,7 @@
|
|||
"https://attack.mitre.org/groups/G0085/"
|
||||
],
|
||||
"synonyms": [
|
||||
"FIN4",
|
||||
"FIN 4",
|
||||
"Wolf Spider"
|
||||
"FIN4"
|
||||
]
|
||||
},
|
||||
"uuid": "ff449346-aa9f-45f6-b482-71e886a5cf57",
|
||||
|
@ -3612,9 +3607,6 @@
|
|||
"country": "CN",
|
||||
"refs": [
|
||||
"https://www.proofpoint.com/uk/threat-insight/post/august-in-december-new-information-stealer-hits-the-scene"
|
||||
],
|
||||
"synonyms": [
|
||||
"TA 530"
|
||||
]
|
||||
},
|
||||
"uuid": "4b79d1f6-8333-44b6-ac32-d1ea7e47e77f",
|
||||
|
@ -3677,12 +3669,10 @@
|
|||
],
|
||||
"synonyms": [
|
||||
"SKELETON SPIDER",
|
||||
"Sketelon Spider",
|
||||
"ITG08",
|
||||
"MageCart Group 6",
|
||||
"White Giant",
|
||||
"GOLD FRANKLIN",
|
||||
"FIN 6"
|
||||
"GOLD FRANKLIN"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
|
@ -4605,9 +4595,6 @@
|
|||
"https://afyonluoglu.org/PublicWebFiles/Reports-TR/2017%20FireEye%20M-Trends%20Report.pdf",
|
||||
"https://www.fireeye.com/blog/threat-research/2017/06/obfuscation-in-the-wild.html",
|
||||
"https://attack.mitre.org/groups/G0061"
|
||||
],
|
||||
"synonyms": [
|
||||
"FIN 8"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
|
@ -4703,9 +4690,6 @@
|
|||
"refs": [
|
||||
"https://www.proofpoint.com/us/threat-insight/post/apt-targets-financial-analysts",
|
||||
"https://attack.mitre.org/groups/G0062/"
|
||||
],
|
||||
"synonyms": [
|
||||
"TA 459"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
|
@ -6708,9 +6692,6 @@
|
|||
"country": "RU",
|
||||
"refs": [
|
||||
"https://www.crowdstrike.com/blog/big-game-hunting-the-evolution-of-indrik-spider-from-dridex-wire-fraud-to-bitpaymer-targeted-ransomware/"
|
||||
],
|
||||
"synonyms": [
|
||||
"Indrik Spider"
|
||||
]
|
||||
},
|
||||
"uuid": "658314bc-3bb8-48d2-913a-c528607b75c8",
|
||||
|
@ -6849,8 +6830,6 @@
|
|||
"GRACEFUL SPIDER",
|
||||
"GOLD TAHOE",
|
||||
"Dudear",
|
||||
"TA 505",
|
||||
"Graceful Spider",
|
||||
"TEMP.Warlock"
|
||||
]
|
||||
},
|
||||
|
@ -6892,9 +6871,7 @@
|
|||
"synonyms": [
|
||||
"TEMP.MixMaster",
|
||||
"GOLD BLACKBURN",
|
||||
"Wizard Spider",
|
||||
"FIN12",
|
||||
"FIN 12"
|
||||
"FIN12"
|
||||
]
|
||||
},
|
||||
"uuid": "bdf4fe4f-af8a-495f-a719-cf175cecda1f",
|
||||
|
@ -6912,9 +6889,7 @@
|
|||
],
|
||||
"synonyms": [
|
||||
"TA542",
|
||||
"GOLD CRESTWOOD",
|
||||
"Mummy Spider",
|
||||
"TA 542"
|
||||
"GOLD CRESTWOOD"
|
||||
]
|
||||
},
|
||||
"uuid": "c93281be-f6cd-4cd0-a5a3-defde9d77d8b",
|
||||
|
@ -6957,7 +6932,6 @@
|
|||
],
|
||||
"synonyms": [
|
||||
"Silence",
|
||||
"Silence APT group",
|
||||
"WHISPER SPIDER"
|
||||
]
|
||||
},
|
||||
|
@ -6980,7 +6954,6 @@
|
|||
"https://www.secureworks.com/research/threat-profiles/cobalt-hickman"
|
||||
],
|
||||
"synonyms": [
|
||||
"APT 39",
|
||||
"Chafer",
|
||||
"REMIX KITTEN",
|
||||
"COBALT HICKMAN"
|
||||
|
@ -7247,7 +7220,6 @@
|
|||
"COBALT DICKENS",
|
||||
"Mabna Institute",
|
||||
"TA407",
|
||||
"TA 407"
|
||||
]
|
||||
},
|
||||
"uuid": "5059b44d-2753-4977-b987-4922f09afe6b",
|
||||
|
@ -7281,7 +7253,6 @@
|
|||
"https://twitter.com/bkMSFT/status/1417823714922610689"
|
||||
],
|
||||
"synonyms": [
|
||||
"APT 31",
|
||||
"ZIRCONIUM",
|
||||
"JUDGMENT PANDA",
|
||||
"BRONZE VINEWOOD"
|
||||
|
@ -7346,9 +7317,6 @@
|
|||
"refs": [
|
||||
"https://www.darkreading.com/analytics/prolific-cybercrime-gang-favors-legit-login-credentials/d/d-id/1322645?",
|
||||
"https://attack.mitre.org/groups/G0053/"
|
||||
],
|
||||
"synonyms": [
|
||||
"FIN 5"
|
||||
]
|
||||
},
|
||||
"uuid": "44dc2f9c-8c28-11e9-9b9a-7fdced8cbf70",
|
||||
|
@ -7360,9 +7328,6 @@
|
|||
"country": "RU",
|
||||
"refs": [
|
||||
"https://www.fireeye.com/blog/threat-research/2015/12/fin1-targets-boot-record.html"
|
||||
],
|
||||
"synonyms": [
|
||||
"FIN 1"
|
||||
]
|
||||
},
|
||||
"uuid": "13289552-596e-4592-9c81-eeb4db6baf3c",
|
||||
|
@ -7374,9 +7339,6 @@
|
|||
"refs": [
|
||||
"https://www2.fireeye.com/rs/848-DID-242/images/rpt-fin10.pdf",
|
||||
"https://attack.mitre.org/groups/G0051/"
|
||||
],
|
||||
"synonyms": [
|
||||
"FIN 10"
|
||||
]
|
||||
},
|
||||
"uuid": "f2d02410-8c2c-11e9-8df1-a31c1fb33d79",
|
||||
|
@ -7656,8 +7618,7 @@
|
|||
],
|
||||
"synonyms": [
|
||||
"Temp.Hex",
|
||||
"Vicious Panda",
|
||||
"TA 428"
|
||||
"Vicious Panda"
|
||||
]
|
||||
},
|
||||
"uuid": "5533d062-18ab-4c70-9472-0eac03f95a1d",
|
||||
|
@ -7777,10 +7738,6 @@
|
|||
"https://www.proofpoint.com/us/threat-insight/post/lookback-forges-ahead-continued-targeting-united-states-utilities-sector-reveals",
|
||||
"https://www.proofpoint.com/us/threat-insight/post/lookback-malware-targets-united-states-utilities-sector-phishing-attacks",
|
||||
"https://www.proofpoint.com/us/blog/threat-insight/ta410-group-behind-lookback-attacks-against-us-utilities-sector-returns-new"
|
||||
],
|
||||
"synonyms": [
|
||||
"LookBack",
|
||||
"TA 410"
|
||||
]
|
||||
},
|
||||
"uuid": "5cd95926-0098-435e-892d-9c9f61763ad7",
|
||||
|
@ -7826,10 +7783,6 @@
|
|||
"meta": {
|
||||
"refs": [
|
||||
"https://www.ptsecurity.com/upload/corporate/ru-ru/analytics/calypso-apt-2019-rus.pdf"
|
||||
],
|
||||
"synonyms": [
|
||||
"Calypso",
|
||||
"Calypso APT"
|
||||
]
|
||||
},
|
||||
"uuid": "200d04c8-a11f-45c4-86fd-35bb5de3f7a3",
|
||||
|
@ -7849,9 +7802,7 @@
|
|||
"synonyms": [
|
||||
"Maze Team",
|
||||
"TWISTED SPIDER",
|
||||
"GOLD VILLAGE",
|
||||
"TA 2101",
|
||||
"Maze"
|
||||
"GOLD VILLAGE"
|
||||
]
|
||||
},
|
||||
"uuid": "39925aa0-c7bf-4b9b-97d6-7d600329453d",
|
||||
|
@ -8090,9 +8041,7 @@
|
|||
],
|
||||
"synonyms": [
|
||||
"GOLD ESSEX",
|
||||
"TA544",
|
||||
"TA 544",
|
||||
"Narwhal Spider"
|
||||
"TA544"
|
||||
]
|
||||
},
|
||||
"uuid": "fda9cdea-0017-495e-879d-0f348db2aa07",
|
||||
|
@ -8285,9 +8234,6 @@
|
|||
"country": "CN",
|
||||
"refs": [
|
||||
"https://www.proofpoint.com/us/blog/threat-insight/chinese-apt-ta413-resumes-targeting-tibet-following-covid-19-themed-economic"
|
||||
],
|
||||
"synonyms": [
|
||||
"TA 413"
|
||||
]
|
||||
},
|
||||
"uuid": "cbf94f8d-20f2-45a0-b78b-54715b6b4e18",
|
||||
|
@ -8382,9 +8328,8 @@
|
|||
],
|
||||
"synonyms": [
|
||||
"TEMP.Warlock",
|
||||
"FIN 11",
|
||||
"UNC902",
|
||||
"Graceful Spider"
|
||||
"GRACEFUL SPIDER"
|
||||
]
|
||||
},
|
||||
"uuid": "c01aadc6-1087-4e8e-8d5c-a27eba409fe3",
|
||||
|
@ -8539,7 +8484,6 @@
|
|||
],
|
||||
"synonyms": [
|
||||
"UNC1151",
|
||||
"TA 445",
|
||||
"TA445"
|
||||
]
|
||||
},
|
||||
|
@ -8757,9 +8701,7 @@
|
|||
],
|
||||
"synonyms": [
|
||||
"Shakthak",
|
||||
"TA551",
|
||||
"TA 551",
|
||||
"Lunar Spider"
|
||||
"TA551"
|
||||
]
|
||||
},
|
||||
"uuid": "36e8c848-4d20-47ea-9fc2-31aa17bf82d1",
|
||||
|
@ -8976,9 +8918,6 @@
|
|||
"country": "RU",
|
||||
"refs": [
|
||||
"https://www.mandiant.com/resources/fin13-cybercriminal-mexico"
|
||||
],
|
||||
"synonyms": [
|
||||
"FIN 13"
|
||||
]
|
||||
},
|
||||
"uuid": "60fa684d-c738-4b77-98fb-3f6605e2bb82",
|
||||
|
@ -9042,9 +8981,6 @@
|
|||
"meta": {
|
||||
"refs": [
|
||||
"https://www.thaicert.or.th/downloads/files/Threat_Group_Cards_v2.0.pdf"
|
||||
],
|
||||
"synonyms": [
|
||||
"TA 516"
|
||||
]
|
||||
},
|
||||
"uuid": "0466bbf1-a187-4b3d-b558-a31e5ca11ea7",
|
||||
|
@ -9055,10 +8991,6 @@
|
|||
"meta": {
|
||||
"refs": [
|
||||
"https://www.thaicert.or.th/downloads/files/Threat_Group_Cards_v2.0.pdf"
|
||||
],
|
||||
"synonyms": [
|
||||
"Scully Spider",
|
||||
"TA 547"
|
||||
]
|
||||
},
|
||||
"uuid": "29fbc8d4-1e6e-4edc-9887-bdf47f36e4c1",
|
||||
|
@ -9092,9 +9024,6 @@
|
|||
"meta": {
|
||||
"refs": [
|
||||
"https://www.proofpoint.com/us/blog/threat-insight/q4-2020-threat-report-quarterly-analysis-cybersecurity-trends-tactics-and-themes"
|
||||
],
|
||||
"synonyms": [
|
||||
"TA 800"
|
||||
]
|
||||
},
|
||||
"uuid": "75fac2e9-8f2c-4620-a1cc-4b8a61c1bb48",
|
||||
|
|
Loading…
Reference in a new issue