From 5f34b618f8a912f6023a2b442b64b35ed1014e3e Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Sun, 10 Dec 2017 09:24:32 +0100 Subject: [PATCH] StrongPity2 added --- clusters/tool.json | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/clusters/tool.json b/clusters/tool.json index 8365ee8..72a7fbb 100644 --- a/clusters/tool.json +++ b/clusters/tool.json @@ -10,7 +10,7 @@ ], "description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.", "uuid": "0d821b68-9d82-4c6d-86a6-1071a9e0f79f", - "version": 38, + "version": 39, "values": [ { "meta": { @@ -3083,6 +3083,18 @@ "HSDFSDCrypt" ] } + }, + { + "value": "StrongPity2", + "description": "Detected by ESET as Win32/StrongPity2, this spyware notably resembles one that was attributed to the group called StrongPity.", + "meta": { + "synonyms": [ + "Win32/StrongPity2" + ], + "refs": [ + "https://www.welivesecurity.com/2017/12/08/strongpity-like-spyware-replaces-finfisher/" + ] + } } ] }