mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-27 01:07:18 +00:00
commit
40b3e7ccc1
2 changed files with 29 additions and 3 deletions
|
@ -3188,7 +3188,10 @@
|
||||||
{
|
{
|
||||||
"description": "TA530, who we previously examined in relation to large-scale personalized phishing campaigns",
|
"description": "TA530, who we previously examined in relation to large-scale personalized phishing campaigns",
|
||||||
"meta": {
|
"meta": {
|
||||||
"country": "CN"
|
"country": "CN",
|
||||||
|
"refs": [
|
||||||
|
"https://www.proofpoint.com/uk/threat-insight/post/august-in-december-new-information-stealer-hits-the-scene"
|
||||||
|
]
|
||||||
},
|
},
|
||||||
"uuid": "4b79d1f6-8333-44b6-ac32-d1ea7e47e77f",
|
"uuid": "4b79d1f6-8333-44b6-ac32-d1ea7e47e77f",
|
||||||
"value": "TA530"
|
"value": "TA530"
|
||||||
|
@ -5982,5 +5985,5 @@
|
||||||
"value": "The Shadow Brokers"
|
"value": "The Shadow Brokers"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 74
|
"version": 75
|
||||||
}
|
}
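Review bot: The refs added to the TA530 entry in the first hunk tie the actor to the August stealer write-up only through a URL, with no machine-readable link to the August cluster this commit adds in the other file (uuid `9972d4c4-d6c6-11e8-867e-87b4a45aa76d`). Analysts pivoting from the actor to its tooling, or the reverse, would have to notice that both entries cite the same article. If the cluster format in use supports it, a `related` entry such as `{"dest-uuid": "9972d4c4-d6c6-11e8-867e-87b4a45aa76d", "type": "uses"}` on TA530 would make the association explicit; the August entry in the second file lacks the reverse link in the same way. Separately, the new reference is the only source on an entry that carries `"country": "CN"`, so it is worth confirming that the cited article actually supports that attribution.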
|
||||||
|
|
|
@ -7361,7 +7361,30 @@
|
||||||
},
|
},
|
||||||
"uuid": "d93894ee-d5d7-11e8-b360-572c0c441c8f",
|
"uuid": "d93894ee-d5d7-11e8-b360-572c0c441c8f",
|
||||||
"value": "NAMEDPIPETOUCH"
|
"value": "NAMEDPIPETOUCH"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "GhostMiner is a new cryptocurrency mining malware. By the end of March 2018, a new variant of mining malware was detected targeting MSSQL, phpMyAdmin, and Oracle WebLogic servers. The sample uses Powershell to execute code with volatile resources and scans the server's processes to detect and stop other miners that might have been running prior to execution.\nThe fileless malware has become more popular in the last years. The malicious code runs directly in main memory without writing any file on disk, where an antivirus engine could detect it.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.alienvault.com/forums/discussion/17301/alienvault-labs-threat-intelligence-update-for-usm-anywhere-march-25-march-31-2018"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "0a339826-d5f8-11e8-b520-5b93fe65a08e",
|
||||||
|
"value": "GhostMiner"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "August contains stealing functionality targeting credentials and sensitive documents from the infected computer.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.proofpoint.com/uk/threat-insight/post/august-in-december-new-information-stealer-hits-the-scene"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"August Stealer"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "9972d4c4-d6c6-11e8-867e-87b4a45aa76d",
|
||||||
|
"value": "August"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 96
|
"version": 98
|
||||||
}
|
}
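Review bot: The new `"value": "August"` is a common English word, and cluster values typically end up as tag names and lookup keys, so any consumer that matches values against free text or other feeds is likely to produce false correlations on it. The synonym `"August Stealer"` already present in the entry is the less ambiguous name; consider using it as the value and keeping `"August"` as the synonym. In the GhostMiner entry the single ref appears to be a forum post summarising a periodic update rather than the underlying analysis, and such links tend to move or disappear, so adding the primary write-up it draws on would keep the entry verifiable.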
|
||||||
|
|