MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-26 08:47:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

[threat-actors] Add UNC4393

Browse source
This commit is contained in:
Mathieu4141 2024-07-31 02:14:11 -07:00
parent a3e9e8c944
commit 7289782aae
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
clusters/threat-actor.json
View file

@ -16491,6 +16491,16 @@
}, },
"uuid": "0b71d2db-93fe-49b5-a9fd-7f8c94b86637", "uuid": "0b71d2db-93fe-49b5-a9fd-7f8c94b86637",
"value": "SAMBASPIDER" "value": "SAMBASPIDER"
},
{
"description": "UNC4393 is a financially motivated threat actor primarily using BASTA ransomware. They have been active since early 2022 and have targeted over 40 organizations across various industries. UNC4393 has shown a willingness to cooperate with other threat clusters for initial access and has evolved from using existing tools to developing custom malware. They focus on efficient data exfiltration and multi-faceted extortion, often utilizing tools like COGSCAN and RCLONE for reconnaissance and data theft.",
"meta": {
"refs": [
"https://cloud.google.com/blog/topics/threat-intelligence/unc4393-goes-gently-into-silentnight"
]
},
"uuid": "8191e28a-fb2d-4d50-b992-b877807a2f37",
"value": "UNC4393"
} }
], ],
"version": 312 "version": 312