diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index f57358b..24179d9 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -671,12 +671,12 @@
 "https://www.crowdstrike.com/blog/meet-crowdstrikes-adversary-of-the-month-for-july-wicked-spider/"
 ],
 "synonyms": [
- "Winnti Umbrella"
+ "Winnti Umbrella",
 "Winnti Group",
 "Tailgater Team",
- "Suckfly"
+ "Suckfly",
 "APT41",
- "APT 41"
+ "APT 41",
 "Group 72",
 "Group72",
 "Tailgater",
diff --git a/clusters/tool.json b/clusters/tool.json
index b6a9bb7..8c8241b 100644
--- a/clusters/tool.json
+++ b/clusters/tool.json
@@ -665,7 +665,8 @@
 "SUQ",
 "Agent.ALQHI",
 "RbDoor",
- "RibDoor","HIGHNOON"
+ "RibDoor",
+ "HIGHNOON"
 ],
 "type": [
 "Backdoor"
@@ -5355,7 +5356,10 @@
 "refs": [
 "https://cdn.securelist.com/files/2017/08/ShadowPad_technical_description_PDF.pdf"
 ],
- "synonyms":[ "POISONPLUG", "Barlaiy"]
+ "synonyms": [
+ "POISONPLUG",
+ "Barlaiy"
+ ]
 },
 "related": [
 {
@@ -7864,11 +7868,14 @@
 "value": "Netscan"
 },
 {
- "value":"ShadowHammer",
 "description": "Malware embedded in Asus Live Update in 2018. ShadowHammer triggers its malicious behavior only if the computer it is running on has a network adapter with the MAC address whitelisted by the attacker.",
 "meta": {
- "refs": ["https://www.welivesecurity.com/wp-content/uploads/2019/10/ESET_Winnti.pdf"]
- }
+ "refs": [
+ "https://www.welivesecurity.com/wp-content/uploads/2019/10/ESET_Winnti.pdf"
+ ]
+ },
+ "uuid": "c1815516-aa2a-43d2-9136-78a8feb054b6",
+ "value": "ShadowHammer"
 }
 ],
 "version": 127
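Review bot: Nothing in this commit guards against the class of error it repairs in the `synonyms` array of clusters/threat-actor.json. With the three commas missing, a strict JSON parser rejects the whole file, so a consumer would have lost the entire threat-actor cluster set rather than just these aliases. A parse step before merge, for example `jq empty clusters/*.json`, would catch this, and schema validation (if the repository has one) would presumably also have flagged the ShadowHammer entry in clusters/tool.json that lacked a `uuid`. The `version` field of threat-actor.json lies outside this hunk, so whether it was bumped cannot be checked from here.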
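Review bot: `"version": 127` at the end of the last clusters/tool.json hunk is unchanged context, although the same hunk changes an entry's content by adding a `uuid` to ShadowHammer. If consumers decide whether to re-import a cluster file by comparing that number (MISP galaxy importers typically do, but confirm for this repository), instances that already loaded version 127 would keep the entry without its identifier; the change would be `"version": 128`. The hunk also cannot show whether `c1815516-aa2a-43d2-9136-78a8feb054b6` is unique across the cluster files, so a duplicate-UUID check is worth running before merge, since two clusters sharing an identifier would be conflated in correlation and tagging. The enclosing array and the file's top-level object start outside the hunk.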