mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 18:27:19 +00:00
Attck link + typo on TA551
This commit is contained in:
parent
f97fee7135
commit
51f98f4706
1 changed files with 3 additions and 2 deletions
|
@ -8788,13 +8788,14 @@
|
|||
"description": "GOLD CABIN is a financially motivated cybercriminal threat group operating a malware distribution service on behalf of numerous customers since 2018. GOLD CABIN uses malicious documents, often contained in password-protected archives, delivered through email to download and execute payloads. The second-stage payloads are most frequently Gozi ISFB (Ursnif) or IcedID (Bokbot), sometimes using intermediary malware like Valak. GOLD CABIN infrastructure relies on artificial appearing and frequently changing URLs created with a domain generation algorithm (DGA). The URLs host a PHP object that returns the malware as a DLL file.",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://www.secureworks.com/research/threat-profiles/gold-cabin"
|
||||
"https://www.secureworks.com/research/threat-profiles/gold-cabin",
|
||||
"https://attack.mitre.org/groups/G0127/"
|
||||
],
|
||||
"synonyms": [
|
||||
"Shakthak",
|
||||
"TA551",
|
||||
"ATK236",
|
||||
"G01271"
|
||||
"G0127"
|
||||
]
|
||||
},
|
||||
"uuid": "36e8c848-4d20-47ea-9fc2-31aa17bf82d1",
|
||||
|
|
Loading…
Reference in a new issue