chg: [malpedia] duplicate refs removed

Alexandre Dulaunoy 2023-09-26 10:58:46 +02:00
parent 479f0ad83f
commit b79b75dba4
Signed by: adulau
GPG key ID: 09E2CD4944E6CBCD


@ -7048,7 +7048,6 @@
"https://www.intezer.com/wp-content/uploads/2021/09/TeamTNT-Cryptomining-Explosion.pdf", "https://www.intezer.com/wp-content/uploads/2021/09/TeamTNT-Cryptomining-Explosion.pdf",
"https://blog.aquasec.com/teamtnt-campaign-against-docker-kubernetes-environment", "https://blog.aquasec.com/teamtnt-campaign-against-docker-kubernetes-environment",
"https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/docs/vmw-exposing-malware-in-linux-based-multi-cloud-environments.pdf", "https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/docs/vmw-exposing-malware-in-linux-based-multi-cloud-environments.pdf",
"https://malpedia.caad.fkie.fraunhofer.de/details/elf.teamtnt",
"https://www.cadosecurity.com/teamtnt-script-employed-to-grab-aws-credentials/", "https://www.cadosecurity.com/teamtnt-script-employed-to-grab-aws-credentials/",
"https://cybersecurity.att.com/blogs/labs-research/teamtnt-with-new-campaign-aka-chimaera", "https://cybersecurity.att.com/blogs/labs-research/teamtnt-with-new-campaign-aka-chimaera",
"https://www.cadosecurity.com/post/team-tnt-the-first-crypto-mining-worm-to-steal-aws-credentials", "https://www.cadosecurity.com/post/team-tnt-the-first-crypto-mining-worm-to-steal-aws-credentials",
@ -11695,7 +11694,6 @@
"description": "", "description": "",
"meta": { "meta": {
"refs": [ "refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/py.pyaesloader",
"https://malpedia.caad.fkie.fraunhofer.de/details/py.pyaesloader" "https://malpedia.caad.fkie.fraunhofer.de/details/py.pyaesloader"
], ],
"synonyms": [], "synonyms": [],
@ -11847,7 +11845,6 @@
"description": "", "description": "",
"meta": { "meta": {
"refs": [ "refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/py.unidentified_002",
"https://malpedia.caad.fkie.fraunhofer.de/details/py.unidentified_002" "https://malpedia.caad.fkie.fraunhofer.de/details/py.unidentified_002"
], ],
"synonyms": [], "synonyms": [],
@ -11860,7 +11857,6 @@
"description": "", "description": "",
"meta": { "meta": {
"refs": [ "refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/py.unidentified_003",
"https://malpedia.caad.fkie.fraunhofer.de/details/py.unidentified_003" "https://malpedia.caad.fkie.fraunhofer.de/details/py.unidentified_003"
], ],
"synonyms": [], "synonyms": [],
@ -22169,7 +22165,6 @@
"https://malcat.fr/blog/exploit-steganography-and-delphi-unpacking-dbatloader/", "https://malcat.fr/blog/exploit-steganography-and-delphi-unpacking-dbatloader/",
"https://www.netskope.com/blog/dbatloader-abusing-discord-to-deliver-warzone-rat", "https://www.netskope.com/blog/dbatloader-abusing-discord-to-deliver-warzone-rat",
"https://gi7w0rm.medium.com/uncovering-ddgroup-a-long-time-threat-actor-d3b3020625a4", "https://gi7w0rm.medium.com/uncovering-ddgroup-a-long-time-threat-actor-d3b3020625a4",
"https://malpedia.caad.fkie.fraunhofer.de/details/win.dbatloader",
"https://www.zscaler.com/blogs/security-research/dbatloader-actively-distributing-malwares-targeting-european-businesses", "https://www.zscaler.com/blogs/security-research/dbatloader-actively-distributing-malwares-targeting-european-businesses",
"https://securityintelligence.com/posts/email-campaigns-leverage-updated-dbatloader-deliver-rats-stealers/", "https://securityintelligence.com/posts/email-campaigns-leverage-updated-dbatloader-deliver-rats-stealers/",
"https://blog.vincss.net/2020/09/re016-malware-analysis-modiloader-eng.html", "https://blog.vincss.net/2020/09/re016-malware-analysis-modiloader-eng.html",
@ -25523,7 +25518,6 @@
"description": "FastLoader is a small .NET downloader, which name comes from PDB strings seen in samples. It typically downloads TrickBot. It may create a list of processes and uploads it together with screenshot(s). In more recent versions, it employs simple anti-analysis checks (VM detection) and comes with string obfuscations. \r\n", "description": "FastLoader is a small .NET downloader, which name comes from PDB strings seen in samples. It typically downloads TrickBot. It may create a list of processes and uploads it together with screenshot(s). In more recent versions, it employs simple anti-analysis checks (VM detection) and comes with string obfuscations. \r\n",
"meta": { "meta": {
"refs": [ "refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/win.fastloader",
"https://malpedia.caad.fkie.fraunhofer.de/details/win.fastloader" "https://malpedia.caad.fkie.fraunhofer.de/details/win.fastloader"
], ],
"synonyms": [], "synonyms": [],
@ -28033,8 +28027,7 @@
"https://cert.gov.ua/article/38374", "https://cert.gov.ua/article/38374",
"https://www.intezer.com/blog/research/elephant-malware-targeting-ukrainian-orgs/", "https://www.intezer.com/blog/research/elephant-malware-targeting-ukrainian-orgs/",
"https://businessinsights.bitdefender.com/deep-dive-into-the-elephant-framework-a-new-cyber-threat-in-ukraine", "https://businessinsights.bitdefender.com/deep-dive-into-the-elephant-framework-a-new-cyber-threat-in-ukraine",
"https://cip.gov.ua/en/news/khto-stoyit-za-kiberatakami-na-ukrayinsku-kritichnu-informaciinu-infrastrukturu-statistika-15-22-bereznya", "https://cip.gov.ua/en/news/khto-stoyit-za-kiberatakami-na-ukrayinsku-kritichnu-informaciinu-infrastrukturu-statistika-15-22-bereznya"
"https://malpedia.caad.fkie.fraunhofer.de/details/win.graphsteel"
], ],
"synonyms": [], "synonyms": [],
"type": [] "type": []
@ -30075,7 +30068,6 @@
"description": "", "description": "",
"meta": { "meta": {
"refs": [ "refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/win.icyheart",
"https://malpedia.caad.fkie.fraunhofer.de/details/win.icyheart" "https://malpedia.caad.fkie.fraunhofer.de/details/win.icyheart"
], ],
"synonyms": [ "synonyms": [
@ -31774,7 +31766,6 @@
"description": "KleptoParasite Stealer is advertised on Hackforums as a noob-friendly stealer. It is modular and comes with a IP retriever module, a Outlook stealer (32bit/64bit) and a Chrome/Firefox stealer (32bit/64bit). Earlier versions come bundled (loader plus modules), newer versions come with a loader (167k) that grabs the modules.\r\n\r\nPDB-strings suggest a relationship to JogLog v6 and v7.", "description": "KleptoParasite Stealer is advertised on Hackforums as a noob-friendly stealer. It is modular and comes with a IP retriever module, a Outlook stealer (32bit/64bit) and a Chrome/Firefox stealer (32bit/64bit). Earlier versions come bundled (loader plus modules), newer versions come with a loader (167k) that grabs the modules.\r\n\r\nPDB-strings suggest a relationship to JogLog v6 and v7.",
"meta": { "meta": {
"refs": [ "refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/win.kleptoparasite_stealer",
"https://malpedia.caad.fkie.fraunhofer.de/details/win.kleptoparasite_stealer" "https://malpedia.caad.fkie.fraunhofer.de/details/win.kleptoparasite_stealer"
], ],
"synonyms": [ "synonyms": [
@ -45960,7 +45951,6 @@
"https://cdn-cybersecurity.att.com/docs/global-perspective-of-the-sidewinder-apt.pdf", "https://cdn-cybersecurity.att.com/docs/global-perspective-of-the-sidewinder-apt.pdf",
"https://www.trendmicro.com/en_us/research/20/l/sidewinder-leverages-south-asian-territorial-issues-for-spear-ph.html", "https://www.trendmicro.com/en_us/research/20/l/sidewinder-leverages-south-asian-territorial-issues-for-spear-ph.html",
"https://otx.alienvault.com/pulse/5fd10760f9afb730d37c4742/", "https://otx.alienvault.com/pulse/5fd10760f9afb730d37c4742/",
"https://malpedia.caad.fkie.fraunhofer.de/details/win.sidewinder",
"https://s.tencent.com/research/report/479.html", "https://s.tencent.com/research/report/479.html",
"https://s.tencent.com/research/report/659.html", "https://s.tencent.com/research/report/659.html",
"https://medium.com/@Sebdraven/apt-sidewinder-tricks-powershell-anti-forensics-and-execution-side-loading-5bc1a7e7c84c", "https://medium.com/@Sebdraven/apt-sidewinder-tricks-powershell-anti-forensics-and-execution-side-loading-5bc1a7e7c84c",
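Review bot: The surviving copy of the removed URL is not visible in four of these hunks (elf.teamtnt, win.dbatloader, win.graphsteel, win.sidewinder), so it is worth confirming that each of those `refs` arrays still holds its Malpedia details URL after the removal. In the other hunks the two identical URLs sit next to each other, so the duplicate is evident. The win.graphsteel hunk also drops the last array element and the comma before it, which leaves the array well-formed as shown. If the cluster schema does not already enforce it (not visible here), adding `"uniqueItems": true` to the `refs` array definition would make validation reject duplicates instead of relying on manual cleanup.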