MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-23 07:17:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Moafee added

Browse source
This commit is contained in:
Alexandre Dulaunoy 2016-08-01 16:41:44 +02:00
parent 963cd23b1f
commit 9f011d69cf
1 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
elements/adversary-groups.json
View file

@ -88,7 +88,8 @@
"HummingBad", "HummingBad",
"Dropping Elephant", "Dropping Elephant",
"Operation Transparent Tribe", "Operation Transparent Tribe",
"Poseidon Group" "Poseidon Group",
"DragonOK"
], ],
"details": [ "details": [
{ {
@ -885,7 +886,10 @@
"group": "DragonOK", "group": "DragonOK",
"description": "Threat group that has targeted Japanese organizations with phishing emails. Due to overlapping TTPs, including similar custom tools, DragonOK is thought to have a direct or indirect relationship with the threat group Moafee. 2223 It is known to use a variety of malware, including Sysget/HelloBridge, PlugX, PoisonIvy, FormerFirstRat, NFlog, and NewCT.", "description": "Threat group that has targeted Japanese organizations with phishing emails. Due to overlapping TTPs, including similar custom tools, DragonOK is thought to have a direct or indirect relationship with the threat group Moafee. 2223 It is known to use a variety of malware, including Sysget/HelloBridge, PlugX, PoisonIvy, FormerFirstRat, NFlog, and NewCT.",
"country": "CN", "country": "CN",
"refs": ["https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/wp-operation-quantum-entanglement.pdf", "https://attack.mitre.org/wiki/Groups"] "refs": ["https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/wp-operation-quantum-entanglement.pdf", "https://attack.mitre.org/wiki/Groups"],
"synonyms": [
"Moafee"
]
} }
] ]
} }