MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-22 23:07:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

fix

Browse source
This commit is contained in:
Deborah Servili 2018-08-14 12:07:12 +02:00
parent 2081dc1627
commit a28c50203e
No known key found for this signature in database
GPG key ID: 7E3A832850D4D7D1
2 changed files with 3 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
clusters/backdoor.json
View file

@ -5,7 +5,7 @@
"description": "A list of backdoor malware.",
"name": "Backdoor",
"source": "Open Sources",
"version": 2,
"version": 1,
"type": "backdoor",
"uuid": "75436e27-cb57-4f32-bf1d-9636dd78a2bf",
"values": [
@ -17,7 +17,6 @@
"https://blog.jpcert.or.jp/2018/07/malware-wellmes-9b78.html"
]
},
"description": "Cross-platform malware written in Golang, compatible with Linux and Windows. Although there are some minor differences, both variants have the same functionality. The malware communicates with a CnC server using HTTP requests and performs functions based on the received commands. Results of command execution are sent in HTTP POST requests data (RSA-encrypted). Main functionalities are: (1) Execute arbitrary shell commands, (2) Upload/Download files. The PE variant of the infection, in addition, executes PowerShell scripts. A .Net version was also observed in the wild.",
"value": "WellMess",
"uuid": "e0e79fab-0f1d-4fc2-b424-208cb019a9cd"
},
@ -33,7 +32,6 @@
]
},
"uuid": "2bb165dc-9f93-11e8-ae64-d3dbab0dd786"
}
],
"version": 1
}
]
}

8
clusters/ransomware.json
View file

@ -10371,13 +10371,5 @@
"uuid": "c76c4d24-9f99-11e8-808d-a7f1c66a53c5"
}
],
"source": "Various",
"uuid": "10cf658b-5d32-4c4b-bb32-61760a640372",
"name": "Ransomware",
"version": 28,
"type": "ransomware",
"description": "Ransomware galaxy based on https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml and http://pastebin.com/raw/GHgpWjar"
}
],
"version": 28
}