mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
[threat-actors] Add TA571
This commit is contained in:
parent
8ba48b446a
commit
93cc634d1c
1 changed files with 11 additions and 0 deletions
|
@ -16132,6 +16132,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "2be04e23-4376-4333-87df-27d635e43a98",
|
"uuid": "2be04e23-4376-4333-87df-27d635e43a98",
|
||||||
"value": "Sp1d3r"
|
"value": "Sp1d3r"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "TA571 is a spam distributor actor known for delivering a variety of malware, including DarkGate, NetSupport RAT, and information stealers. They use phishing emails with macro-enabled attachments to spread malicious PDFs containing rogue OneDrive links. TA571 has been observed using unique filtering techniques with intermediary \"gates\" to target specific users and bypass automated sandboxing. Proofpoint assesses with high confidence that TA571 infections can lead to ransomware.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.proofpoint.com/us/blog/threat-insight/security-brief-ta571-delivers-icedid-forked-loader",
|
||||||
|
"https://www.proofpoint.com/us/blog/threat-insight/clipboard-compromise-powershell-self-pwn"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "0245113e-cef3-4638-9532-3bf235b07d49",
|
||||||
|
"value": "TA571"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 310
|
"version": 310
|
||||||
|
|
Loading…
Reference in a new issue