mirror of
https://github.com/MISP/misp-galaxy.git
synced 2025-01-18 18:46:17 +00:00
More CN-based groups
This commit is contained in:
parent
a686821ae5
commit
b3be14d3b8
1 changed files with 33 additions and 1 deletions
|
|
@ -3,7 +3,7 @@
|
||||||
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
|
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
|
||||||
"authors": ["Alexandre Dulaunoy", "Florian Roth", "Various"],
|
"authors": ["Alexandre Dulaunoy", "Florian Roth", "Various"],
|
||||||
"type": "APT Groups",
|
"type": "APT Groups",
|
||||||
"groups" : ["Comment Crew","Putter Panda","Sofacy","APT 29","Turla Group","Energetic Bear","Sandworm","Anunak","TeamSpy Crew","BuhTrap","Putter Panda","UPS","IXESHE","APT 16","Aurora Panda","Wekby","Axiom","Shell Crew","Naikon","Lotus Blossom","Hurricane Panda","Emissary Panda"],
|
"groups" : ["Comment Crew","Putter Panda","Sofacy","APT 29","Turla Group","Energetic Bear","Sandworm","Anunak","TeamSpy Crew","BuhTrap","Putter Panda","UPS","IXESHE","APT 16","Aurora Panda","Wekby","Axiom","Shell Crew","Naikon","Lotus Blossom","Hurricane Panda","Emissary Panda","Stone Panda","Nightshade Panda","Hellsing","Night Dragon","Mirage","Anchor Panda"],
|
||||||
"details" : [
|
"details" : [
|
||||||
{
|
{
|
||||||
"group": "Comment Crew",
|
"group": "Comment Crew",
|
||||||
|
|
@ -83,6 +83,38 @@
|
||||||
"synonyms": ["TG-3390","APT 27","TEMP.Hippo","Group 35"]
|
"synonyms": ["TG-3390","APT 27","TEMP.Hippo","Group 35"]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
"group": "Stone Panda",
|
||||||
|
"country": "CN"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"group": "Nightshade Panda",
|
||||||
|
"refs": ["https://otx.alienvault.com/pulse/55bbc68e67db8c2d547ae393/"],
|
||||||
|
"country": "CN",
|
||||||
|
"synonyms": ["APT 9"]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"group": "Hellsing",
|
||||||
|
"refs": ["https://securelist.com/analysis/publications/69567/the-chronicles-of-the-hellsing-apt-the-empire-strikes-back/"],
|
||||||
|
"country": "CN",
|
||||||
|
"synonyms": ["Goblin Panda","Cycldek"]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"group": "Night Dragon",
|
||||||
|
"refs": ["https://kc.mcafee.com/corporate/index?page=content&id=KB71150"],
|
||||||
|
"country": "CN"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"group": "Mirage",
|
||||||
|
"refs": ["https://www.fireeye.com/blog/threat-research/2014/09/forced-to-adapt-xslcmd-backdoor-now-on-os-x.html"],
|
||||||
|
"country": "CN",
|
||||||
|
"synonyms": ["Vixen Panda","Ke3Chang","GREF", "Playful Dragon"]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"group": "Anchor Panda",
|
||||||
|
"refs": ["http://www.crowdstrike.com/blog/whois-anchor-panda/"],
|
||||||
|
"country": "CN"
|
||||||
|
},
|
||||||
|
{
|
||||||
"group": "Sofacy",
|
"group": "Sofacy",
|
||||||
"description": "The Sofacy Group (also known as APT28, Pawn Storm, Fancy Bear and Sednit) is a cyber espionage group believed to have ties to the Russian government. Likely operating since 2007, the group is known to target government, military, and security organizations. It has been characterized as an advanced persistent threat.",
|
"description": "The Sofacy Group (also known as APT28, Pawn Storm, Fancy Bear and Sednit) is a cyber espionage group believed to have ties to the Russian government. Likely operating since 2007, the group is known to target government, military, and security organizations. It has been characterized as an advanced persistent threat.",
|
||||||
"refs": ["https://en.wikipedia.org/wiki/Sofacy_Group"],
|
"refs": ["https://en.wikipedia.org/wiki/Sofacy_Group"],
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue