mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-12-03 12:17:20 +00:00
Moafee added
This commit is contained in:
parent
963cd23b1f
commit
9f011d69cf
1 changed files with 6 additions and 2 deletions
|
@ -88,7 +88,8 @@
|
||||||
"HummingBad",
|
"HummingBad",
|
||||||
"Dropping Elephant",
|
"Dropping Elephant",
|
||||||
"Operation Transparent Tribe",
|
"Operation Transparent Tribe",
|
||||||
"Poseidon Group"
|
"Poseidon Group",
|
||||||
|
"DragonOK"
|
||||||
],
|
],
|
||||||
"details": [
|
"details": [
|
||||||
{
|
{
|
||||||
|
@ -885,7 +886,10 @@
|
||||||
"group": "DragonOK",
|
"group": "DragonOK",
|
||||||
"description": "Threat group that has targeted Japanese organizations with phishing emails. Due to overlapping TTPs, including similar custom tools, DragonOK is thought to have a direct or indirect relationship with the threat group Moafee. 2223 It is known to use a variety of malware, including Sysget/HelloBridge, PlugX, PoisonIvy, FormerFirstRat, NFlog, and NewCT.",
|
"description": "Threat group that has targeted Japanese organizations with phishing emails. Due to overlapping TTPs, including similar custom tools, DragonOK is thought to have a direct or indirect relationship with the threat group Moafee. 2223 It is known to use a variety of malware, including Sysget/HelloBridge, PlugX, PoisonIvy, FormerFirstRat, NFlog, and NewCT.",
|
||||||
"country": "CN",
|
"country": "CN",
|
||||||
"refs": ["https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/wp-operation-quantum-entanglement.pdf", "https://attack.mitre.org/wiki/Groups"]
|
"refs": ["https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/wp-operation-quantum-entanglement.pdf", "https://attack.mitre.org/wiki/Groups"],
|
||||||
|
"synonyms": [
|
||||||
|
"Moafee"
|
||||||
|
]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue