mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
fix
This commit is contained in:
parent
2081dc1627
commit
a28c50203e
2 changed files with 3 additions and 13 deletions
|
@ -5,7 +5,7 @@
|
||||||
"description": "A list of backdoor malware.",
|
"description": "A list of backdoor malware.",
|
||||||
"name": "Backdoor",
|
"name": "Backdoor",
|
||||||
"source": "Open Sources",
|
"source": "Open Sources",
|
||||||
"version": 2,
|
"version": 1,
|
||||||
"type": "backdoor",
|
"type": "backdoor",
|
||||||
"uuid": "75436e27-cb57-4f32-bf1d-9636dd78a2bf",
|
"uuid": "75436e27-cb57-4f32-bf1d-9636dd78a2bf",
|
||||||
"values": [
|
"values": [
|
||||||
|
@ -17,7 +17,6 @@
|
||||||
"https://blog.jpcert.or.jp/2018/07/malware-wellmes-9b78.html"
|
"https://blog.jpcert.or.jp/2018/07/malware-wellmes-9b78.html"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"description": "Cross-platform malware written in Golang, compatible with Linux and Windows. Although there are some minor differences, both variants have the same functionality. The malware communicates with a CnC server using HTTP requests and performs functions based on the received commands. Results of command execution are sent in HTTP POST requests data (RSA-encrypted). Main functionalities are: (1) Execute arbitrary shell commands, (2) Upload/Download files. The PE variant of the infection, in addition, executes PowerShell scripts. A .Net version was also observed in the wild.",
|
|
||||||
"value": "WellMess",
|
"value": "WellMess",
|
||||||
"uuid": "e0e79fab-0f1d-4fc2-b424-208cb019a9cd"
|
"uuid": "e0e79fab-0f1d-4fc2-b424-208cb019a9cd"
|
||||||
},
|
},
|
||||||
|
@ -33,7 +32,6 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "2bb165dc-9f93-11e8-ae64-d3dbab0dd786"
|
"uuid": "2bb165dc-9f93-11e8-ae64-d3dbab0dd786"
|
||||||
}
|
}
|
||||||
],
|
]
|
||||||
"version": 1
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -10371,13 +10371,5 @@
|
||||||
"uuid": "c76c4d24-9f99-11e8-808d-a7f1c66a53c5"
|
"uuid": "c76c4d24-9f99-11e8-808d-a7f1c66a53c5"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"source": "Various",
|
|
||||||
"uuid": "10cf658b-5d32-4c4b-bb32-61760a640372",
|
|
||||||
"name": "Ransomware",
|
|
||||||
"version": 28,
|
|
||||||
"type": "ransomware",
|
|
||||||
"description": "Ransomware galaxy based on https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml and http://pastebin.com/raw/GHgpWjar"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"version": 28
|
"version": 28
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue