MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-26 16:57:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

[threat-actors] Add Kasablanka

Browse source
This commit is contained in:
Mathieu Beligon 2023-11-03 19:02:12 +01:00
parent 0f1777df92
commit 58e8dfef71
1 changed files with 13 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
clusters/threat-actor.json
View file

@ -12274,6 +12274,19 @@
}, },
"uuid": "f3fd4397-19e4-47e0-b1bc-f792690e3bd0", "uuid": "f3fd4397-19e4-47e0-b1bc-f792690e3bd0",
"value": "SparklingGoblin" "value": "SparklingGoblin"
},
{
"description": "The Kasablanka group is a cyber-criminal organization that has\nspecifically targeted Russia between September and December 2022,\nusing various payloads delivered through phishing emails containing\nsocially engineered lnk files, zip packages, and executables attached to\nvirtual disk image files.",
"meta": {
"country": "MA",
"refs": [
"https://blog.talosintelligence.com/yorotrooper-espionage-campaign-cis-turkey-europe/",
"https://www.welivesecurity.com/2021/09/07/bladehawk-android-espionage-kurdish/",
"https://blog.talosintelligence.com/get-a-loda-this/"
]
},
"uuid": "6db3ad41-6b47-43c8-b94b-98853749ee02",
"value": "Kasablanka"
} }
], ],
"version": 289 "version": 289