mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-30 02:37:17 +00:00
Merge branch 'main' into master
This commit is contained in:
commit
b6005bd53f
3 changed files with 42 additions and 3 deletions
|
@ -76,7 +76,19 @@
|
||||||
},
|
},
|
||||||
"uuid": "f3413f6c-5c3a-4df0-bbb5-2dbdf4d68c4c",
|
"uuid": "f3413f6c-5c3a-4df0-bbb5-2dbdf4d68c4c",
|
||||||
"value": "Ave Maria"
|
"value": "Ave Maria"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "A cryptocurrency-stealing malware distributed through Telegram",
|
||||||
|
"meta": {
|
||||||
|
"date": "April 2021.",
|
||||||
|
"refs": [
|
||||||
|
"https://decoded.avast.io/romanalinkeova/hackboss-a-cryptocurrency-stealing-malware-distributed-through-telegram/",
|
||||||
|
"https://github.com/avast/ioc/tree/master/HackBoss"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "ebc1c15d-3e27-456e-9473-61d92d91bda8",
|
||||||
|
"value": "HackBoss"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 7
|
"version": 8
|
||||||
}
|
}
|
||||||
|
|
|
@ -8842,7 +8842,20 @@
|
||||||
},
|
},
|
||||||
"uuid": "2dd31182-bae1-48ed-8bb3-805a3df89783",
|
"uuid": "2dd31182-bae1-48ed-8bb3-805a3df89783",
|
||||||
"value": "Gelsemium"
|
"value": "Gelsemium"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Mentioned as operator of TriumphLoader and Matanbuchus",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://unit42.paloaltonetworks.com/matanbuchus-malware-as-a-service/"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"Matanbuchus"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "e7aff414-fc21-43eb-ad5d-9a46e07be9f5",
|
||||||
|
"value": "BelialDemon"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 204
|
"version": 205
|
||||||
}
|
}
|
||||||
|
|
|
@ -8412,7 +8412,21 @@
|
||||||
],
|
],
|
||||||
"uuid": "1422b81c-a3c6-4229-8523-82d705400f46",
|
"uuid": "1422b81c-a3c6-4229-8523-82d705400f46",
|
||||||
"value": "Sibot"
|
"value": "Sibot"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Matanbuchus is a loader promoted by BelialDemon. It can launch an EXE or DLL file in memory, leverage schtasks.exe to add or modify task schedules, and launch custom PowerShell commands, among other capabilities. Attackers use a Microsoft Excel document as the initial vector to drop the Matanbuchus Loader DLL.",
|
||||||
|
"meta": {
|
||||||
|
"date": "Feb 2021.",
|
||||||
|
"refs": [
|
||||||
|
"https://unit42.paloaltonetworks.com/matanbuchus-malware-as-a-service/"
|
||||||
|
],
|
||||||
|
"type": [
|
||||||
|
"Loader"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "2214b113-6942-494f-94b7-576e74fccdb5",
|
||||||
|
"value": "Matanbuchus"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 145
|
"version": 146
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue