MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2025-01-19 02:56:16 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

add Cardinal RAT

Browse source
This commit is contained in:
Déborah Servili 2017-04-24 16:04:52 +02:00
parent 7163e8c58c
commit 6267681362
1 changed files with 9 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
clusters/tool.json
View file

@ -2614,6 +2614,15 @@
},
"description": "HackingTeam Remote Control System (RCS) Galileo hacking platform",
"value": "RCS Galileo"
},
{
"meta": {
"refs": [
"http://researchcenter.paloaltonetworks.com/2017/04/unit42-cardinal-rat-active-two-years/"
]
},
"description": "Palo Alto Networks has discovered a previously unknown remote access Trojan (RAT) that has been active for over two years. It has a very low volume in this two-year period, totaling roughly 27 total samples. The malware is delivered via an innovative and unique technique: a downloader we are calling Carp uses malicious macros in Microsoft Excel documents to compile embedded C# (C Sharp) Programming Language source code into an executable that in turn is run to deploy the Cardinal RAT malware family. These malicious Excel files use a number of different lures, providing evidence of what attackers are using to entice victims into executing them.",
"value": "Cardinal RAT"
}
]
}