mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 18:27:19 +00:00
chg: [rat] Hallaj PRO Rat added
ref: https://securelist.com/attacks-on-industrial-enterprises-using-rms-and-teamviewer/87104/ misp-event: 5b63f5e4-bf24-4f46-8340-48fc02de0b81
This commit is contained in:
parent
3da005a3f3
commit
a0dfdd65ae
1 changed files with 11 additions and 1 deletions
|
@ -2,7 +2,7 @@
|
|||
"uuid": "312f8714-45cb-11e7-b898-135207cdceb9",
|
||||
"description": "remote administration tool or remote access tool (RAT), also called sometimes remote access trojan, is a piece of software or programming that allows a remote \"operator\" to control a system as if they have physical access to that system.",
|
||||
"source": "MISP Project",
|
||||
"version": 11,
|
||||
"version": 12,
|
||||
"values": [
|
||||
{
|
||||
"meta": {
|
||||
|
@ -2521,6 +2521,16 @@
|
|||
"description": "The RAT is written in .NET, it uses socket.io for communication. Currently there are two variants of the malware, the 1st variant is a typical downloader whereas the 2nd one has download and C2 functionalities.",
|
||||
"value": "SocketPlayer",
|
||||
"uuid": "d9475765-2cea-45c0-b638-a082b9427239"
|
||||
},
|
||||
{
|
||||
"value": "Hallaj PRO RAT",
|
||||
"description": "RAT",
|
||||
"uuid": "f6447046-f4e8-4977-9cc3-edee74ff0038",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://securelist.com/attacks-on-industrial-enterprises-using-rms-and-teamviewer/87104/"
|
||||
]
|
||||
}
|
||||
}
|
||||
],
|
||||
"authors": [
|
||||
|
|
Loading…
Reference in a new issue