MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2025-01-18 10:36:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #346 from danielplohmann/patch-3

Browse source 
Two more actor names from GTR2019
This commit is contained in:
Alexandre Dulaunoy 2019-02-20 08:55:53 +01:00 committed by GitHub
commit a4820561e1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 20 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
clusters/threat-actor.json
View file

@ -6351,6 +6351,26 @@
}, },
"uuid": "89a05f9f-a6dc-4426-8c15-a8d5ef6d8524", "uuid": "89a05f9f-a6dc-4426-8c15-a8d5ef6d8524",
"value": "Tiny Spider" "value": "Tiny Spider"
},
{
"description": "According to CrowdStrike, this actor is using BokBok/IcedID, potentially buying distribution through Emotet infections.",
"meta": {
"refs": [
"https://www.crowdstrike.com/resources/reports/2019-crowdstrike-global-threat-report/"
]
},
"uuid": "0db4c708-f33d-4d46-906d-12fdf7415f62",
"value": "Lunar Spider"
},
{
"description": "In July 2018, the source code of Pegasus, RATPAK SPIDERs malware framework, was anonymously leaked. This malware has been linked to the targeting of Russias financial sector. Associated malware, Buhtrap, which has been leaked previously, was observed this year in connection with SWC campaigns that also targeted Russian users.",
"meta": {
"refs": [
"https://www.crowdstrike.com/resources/reports/2019-crowdstrike-global-threat-report/"
]
},
"uuid": "ec3fda76-8c1c-4019-8109-3f92e6b15633",
"value": "Ratpak Spider"
} }
], ],
"version": 91 "version": 91