mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
add relationship between Cardinal RAT and EVILNUM
This commit is contained in:
parent
d0383b460f
commit
575dd64582
2 changed files with 58 additions and 2 deletions
|
@ -2547,6 +2547,16 @@
|
||||||
"https://unit42.paloaltonetworks.com/cardinal-rat-sins-again-targets-israeli-fin-tech-firms/"
|
"https://unit42.paloaltonetworks.com/cardinal-rat-sins-again-targets-israeli-fin-tech-firms/"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
"related": [
|
||||||
|
{
|
||||||
|
"dest-uuid": "e1ca79eb-5629-4267-bb37-3992c7126ef4",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"likely\""
|
||||||
|
],
|
||||||
|
"type": "similar"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
|
||||||
"uuid": "cb23f563-a8b9-4427-9884-594e8d3cc836",
|
"uuid": "cb23f563-a8b9-4427-9884-594e8d3cc836",
|
||||||
"value": "Cardinal"
|
"value": "Cardinal"
|
||||||
},
|
},
|
||||||
|
@ -3321,5 +3331,5 @@
|
||||||
"value": "H-worm"
|
"value": "H-worm"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 25
|
"version": 26
|
||||||
}
|
}
|
||||||
|
|
|
@ -4991,6 +4991,16 @@
|
||||||
"type": "similar"
|
"type": "similar"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"related": [
|
||||||
|
{
|
||||||
|
"dest-uuid": "e1ca79eb-5629-4267-bb37-3992c7126ef4",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"likely\""
|
||||||
|
],
|
||||||
|
"type": "similar"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
|
||||||
"uuid": "1d9fbf33-faea-40c1-b543-c7b39561f0ff",
|
"uuid": "1d9fbf33-faea-40c1-b543-c7b39561f0ff",
|
||||||
"value": "Cardinal RAT"
|
"value": "Cardinal RAT"
|
||||||
},
|
},
|
||||||
|
@ -7584,7 +7594,43 @@
|
||||||
],
|
],
|
||||||
"uuid": "bb6492fa-36b5-4f4a-a787-e718e7f9997f",
|
"uuid": "bb6492fa-36b5-4f4a-a787-e718e7f9997f",
|
||||||
"value": "SLUB Backdoor"
|
"value": "SLUB Backdoor"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "In 2017, Unit 42 reported on and analyzed a low-volume malware family called Cardinal RAT. This malware family had remained undetected for over two years and was delivered via a unique downloader named Carp Downloader.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://unit42.paloaltonetworks.com/cardinal-rat-sins-again-targets-israeli-fin-tech-firms/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "8fb35101-dad6-4628-84ab-905afacb986b",
|
||||||
|
"value": "Carp Downloader"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "EVILNUM is a JavaScript-based malware family that is used in attacks against similar organizations.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://unit42.paloaltonetworks.com/cardinal-rat-sins-again-targets-israeli-fin-tech-firms/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"related": [
|
||||||
|
{
|
||||||
|
"dest-uuid": "cb23f563-a8b9-4427-9884-594e8d3cc836",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"likely\""
|
||||||
|
],
|
||||||
|
"type": "similar"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"dest-uuid": "1d9fbf33-faea-40c1-b543-c7b39561f0ff",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"likely\""
|
||||||
|
],
|
||||||
|
"type": "similar"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 114
|
"uuid": "e1ca79eb-5629-4267-bb37-3992c7126ef4",
|
||||||
|
"value": "EVILNUM"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"version": 115
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue