MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-22 14:57:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

[ADD] NavRAT

Browse source
This commit is contained in:
raw-data 2018-06-01 15:09:22 +01:00
parent 42bb2175e2
commit ba6892408b
1 changed files with 12 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
clusters/rat.json
View file

@ -1,6 +1,6 @@
{
"uuid": "312f8714-45cb-11e7-b898-135207cdceb9",
"description": "remote administration tool or remote access tool (RAT), also called sometimes remote access trojan, is a piece of software or programming that allows a remote \"operator\" to control a system as if they have physical access to that system.",
"name": "RAT",
"source": "MISP Project",
"version": 9,
"values": [
@ -2480,11 +2480,21 @@
"uuid": "e9f9d900-4f9a-11e8-bce9-4bfbb0e9ab4c",
"value": "Spymaster Pro",
"description": "Monitoring Software"
},
{
"meta": {
"refs": [
"https://blog.talosintelligence.com/2018/05/navrat.html"
]
},
"description": "Classic RAT that can download, upload, execute commands on the victim host and perform keylogging. However, the command and control (C2) infrastructure is very specific. It uses the legitimate Naver email platform in order to communicate with the attackers via email",
"value": "NavRAT",
"uuid": "6ea032a0-d54a-463b-b016-2b7b9b9a5b7e"
}
],
"authors": [
"Various"
],
"type": "rat",
"name": "RAT"
"description": "remote administration tool or remote access tool (RAT), also called sometimes remote access trojan, is a piece of software or programming that allows a remote \"operator\" to control a system as if they have physical access to that system."
}