mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-27 01:07:18 +00:00
add Milan Rat, Shark tool and Lyceum synonyms
parent
bb92427b65
commit
b8960393a4
2 changed files with 25 additions and 2 deletions
|
@ -3486,7 +3486,20 @@
|
||||||
},
|
},
|
||||||
"uuid": "833ed94d-97c1-4b57-9634-c27bf42eb867",
|
"uuid": "833ed94d-97c1-4b57-9634-c27bf42eb867",
|
||||||
"value": "Guildma"
|
"value": "Guildma"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Milan is a 32-bit RAT written in Visual C++ and .NET. Milan is loaded and persists using tasks. An encoded routine waits for three to four seconds between executing the first task, deleting this task, and setting a second scheduled task for persistence.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.prevailion.com/latest-targets-of-cyber-group-lyceum/"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"James"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "a5e5a48a-5ce7-45f0-97d7-517d7f37b4ce",
|
||||||
|
"value": "Milan"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 36
|
"version": 37
|
||||||
}
|
}
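Review bot: Neither new entry carries a machine-readable link to the Lyceum actor: the Milan object here, and the Shark object added in the other file, mention the group only inside the `refs` URL. An analyst pivoting from an event tagged with one of these clusters to the actor therefore has nothing to follow. MISP galaxy clusters support a `related` array for this, so I would add one to each object, for example `"related": [{"dest-uuid": "<LYCEUM-ACTOR-CLUSTER-UUID>", "type": "<relationship type used by sibling entries>"}]`, with both placeholders replaced by the repository's real values. The enclosing array starts outside the hunk, so check whether neighbouring entries already follow this convention.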
|
||||||
|
|
|
@ -8450,7 +8450,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "d5b31712-a5b4-4b1c-9a74-4340abc61210",
|
"uuid": "d5b31712-a5b4-4b1c-9a74-4340abc61210",
|
||||||
"value": "ESPecter bootkit"
|
"value": "ESPecter bootkit"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Shark is a 32-bit executable written in C# and .NET. To run Shark, a parameter is passed on the command line that includes the executable’s filename. Shark generates a mutex that uses the executable’s filename as the mutex value. The mutex likely ensures Shark does not execute on a machine where it is already running and that the correct version of Shark is executed.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.prevailion.com/latest-targets-of-cyber-group-lyceum/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "9ea6d29e-00a7-4042-9bc5-31b1adeee6ec",
|
||||||
|
"value": "Shark"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 148
|
"version": 149
|
||||||
}
|
}
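Review bot: The `description` of the Shark object covers only launch mechanics (the command-line parameter and the mutex named after the executable) and never states what the tool does or who operates it, while its `value` is the common word `Shark`. The `James` synonym on Milan in the other file has the same weakness. Consumers that auto-tag events by matching cluster values and synonyms against free text are likely to get false hits on such strings, and a reader cannot distinguish this entry from unrelated software of the same name. I would open the description with one sentence giving the tool's role and attribution as stated in the cited report, and add to Milan's `refs` the source that actually uses the name `James`.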
|
||||||
|
|