MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-22 23:07:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Adding Underminer EK

Browse source
This commit is contained in:
Kafeine 2018-08-30 17:27:59 +02:00 committed by GitHub
parent afa3fb4cfd
commit 85130f264d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
clusters/exploit-kit.json
View file

@ -24,6 +24,21 @@
},
"uuid": "e9ca60cd-94fc-4a54-ac98-30e675a46b3e",
"value": "Astrum"
},
{
"description": "Underminer EK is an exploit kit that seems to be used privately against users in Asia. Functionalities: browser profiling and filtering, preventing of client revisits, URL randomization, and asymmetric encryption of payloads.",
"meta": {
"refs": [
"https://blog.trendmicro.com/trendlabs-security-intelligence/new-underminer-exploit-kit-delivers-bootkit-and-cryptocurrency-mining-malware-with-encrypted-tcp-tunnel/",
"http://bobao.360.cn/interref/detail/248.html"
],
"status": "Active",
"synonyms": [
"Underminer EK"
]
},
"uuid": "49492577-62dd-491d-95d4-92a47adbd98a",
"value": "Underminer"
},
{
"description": "Bingo EK is the name chosen by the defense for a Fiesta-ish EK first spotted in March 2017 and targetting at that times mostly Russia",