mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
Add Exaramel and P.A.S. webshell tool.
This commit is contained in:
parent
9f1fcbd1c5
commit
4a7560d191
1 changed files with 37 additions and 1 deletions
|
@ -8235,7 +8235,43 @@
|
||||||
"related": [],
|
"related": [],
|
||||||
"uuid": "1974ea65-7312-4d91-a592-649983b46554",
|
"uuid": "1974ea65-7312-4d91-a592-649983b46554",
|
||||||
"value": "Caterpillar WebShell"
|
"value": "Caterpillar WebShell"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "The P.A.S. webshell was developed by an ukrainian student, Jaroslav Volodimirovich Panchenko, who used the nick-name Profexer. It was developed in PHP and features a characteristic password-based encryption. This tool was available through a form on his website, where a user had to provide a password to receive a custom webshell. The form suggested a donation to the developer. It was commonly used, including during a WORDPRESS website attack.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://us-cert.cisa.gov/GRIZZLY-STEPPE-Russian-Malicious-Cyber-Activity",
|
||||||
|
"https://www.cert.ssi.gouv.fr/uploads/CERTFR-2021-CTI-005.pdf"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"Fobushell"
|
||||||
|
],
|
||||||
|
"type": [
|
||||||
|
"webshell"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"related": [],
|
||||||
|
"uuid": "6baa1f46-daa9-4f40-952b-ec613c835abb",
|
||||||
|
"value": "P.A.S. webshell"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.welivesecurity.com/2018/10/11/new-telebots-backdoor-linking-industroyer-notpetya/",
|
||||||
|
"https://www.cert.ssi.gouv.fr/uploads/CERTFR-2021-CTI-005.pdf"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
""
|
||||||
|
],
|
||||||
|
"type": [
|
||||||
|
"backdoor"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"related": [],
|
||||||
|
"uuid": "95174297-6dff-47d9-bcb9-263f9b2efcfb",
|
||||||
|
"value": "Exaramel"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 141
|
"version": 142
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue