mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-23 07:17:17 +00:00
add GootLoader
parent
d5a9365aae
commit
534dacb7fb
1 changed files with 11 additions and 0 deletions
|
@ -8559,6 +8559,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "2bea2cc9-c1cc-453d-a483-541b895867d1",
|
"uuid": "2bea2cc9-c1cc-453d-a483-541b895867d1",
|
||||||
"value": "MOUSEISLAND"
|
"value": "MOUSEISLAND"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "GootLoader is a malware loader historically associated with the GootKit malware. As its developers updated its capabilities, GootLoader has evolved from a loader downloading a malicious payload into a multi-payload malware platform. As a loader malware, GootLoader is usually the first-stage of a system compromise. By leveraging search engine poisoning, GootLoader’s developers may compromise or create websites that rank highly in search engine results, such as Google search results. How is it delivered? Via Malicious files available for download on compromised websites that rank high as search engine results",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.cyber.nj.gov/alerts-advisories/gootloader-malware-platform-uses-sophisticated-techniques-to-deliver-malware",
|
||||||
|
"https://blogs.blackberry.com/en/2022/07/gootloader-from-seo-poisoning-to-multi-stage-downloader"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "0bdb6f1c-1229-4556-a535-7444ddfbd7a9",
|
||||||
|
"value": "GootLoader"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 153
|
"version": 153
|
||||||
|
|
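Review bot: The file-level `"version": 153` at the end of the hunk is unchanged context (the commit is 11 additions and 0 deletions), so the new GootLoader cluster ships without a version bump. If consumers decide whether to re-import this galaxy by comparing that counter, as MISP's update logic appears to, instances already at 153 may never receive the entry, leaving GootLoader events untagged; I would change the line to `"version": 154`. The `description` also ends in a pasted Q&A fragment (`How is it delivered? Via Malicious files ...`) with no closing period, which would read better folded into one sentence about delivery through poisoned search results. The description names GootKit, but the entry has no `synonyms` under `meta` and no `related` link, so analysts pivoting from older GootKit reporting will not land on this cluster; consider adding them if the file has a GootKit entry.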