mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 18:27:19 +00:00
jq
This commit is contained in:
parent
0a8f989e1c
commit
bee9b80898
2 changed files with 15 additions and 8 deletions
|
@ -671,12 +671,12 @@
|
||||||
"https://www.crowdstrike.com/blog/meet-crowdstrikes-adversary-of-the-month-for-july-wicked-spider/"
|
"https://www.crowdstrike.com/blog/meet-crowdstrikes-adversary-of-the-month-for-july-wicked-spider/"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"Winnti Umbrella"
|
"Winnti Umbrella",
|
||||||
"Winnti Group",
|
"Winnti Group",
|
||||||
"Tailgater Team",
|
"Tailgater Team",
|
||||||
"Suckfly"
|
"Suckfly",
|
||||||
"APT41",
|
"APT41",
|
||||||
"APT 41"
|
"APT 41",
|
||||||
"Group 72",
|
"Group 72",
|
||||||
"Group72",
|
"Group72",
|
||||||
"Tailgater",
|
"Tailgater",
|
||||||
|
|
|
@ -665,7 +665,8 @@
|
||||||
"SUQ",
|
"SUQ",
|
||||||
"Agent.ALQHI",
|
"Agent.ALQHI",
|
||||||
"RbDoor",
|
"RbDoor",
|
||||||
"RibDoor","HIGHNOON"
|
"RibDoor",
|
||||||
|
"HIGHNOON"
|
||||||
],
|
],
|
||||||
"type": [
|
"type": [
|
||||||
"Backdoor"
|
"Backdoor"
|
||||||
|
@ -5355,7 +5356,10 @@
|
||||||
"refs": [
|
"refs": [
|
||||||
"https://cdn.securelist.com/files/2017/08/ShadowPad_technical_description_PDF.pdf"
|
"https://cdn.securelist.com/files/2017/08/ShadowPad_technical_description_PDF.pdf"
|
||||||
],
|
],
|
||||||
"synonyms":[ "POISONPLUG", "Barlaiy"]
|
"synonyms": [
|
||||||
|
"POISONPLUG",
|
||||||
|
"Barlaiy"
|
||||||
|
]
|
||||||
},
|
},
|
||||||
"related": [
|
"related": [
|
||||||
{
|
{
|
||||||
|
@ -7864,11 +7868,14 @@
|
||||||
"value": "Netscan"
|
"value": "Netscan"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value":"ShadowHammer",
|
|
||||||
"description": "Malware embedded in Asus Live Update in 2018. ShadowHammer triggers its malicious behavior only if the computer it is running on has a network adapter with the MAC address whitelisted by the attacker.",
|
"description": "Malware embedded in Asus Live Update in 2018. ShadowHammer triggers its malicious behavior only if the computer it is running on has a network adapter with the MAC address whitelisted by the attacker.",
|
||||||
"meta": {
|
"meta": {
|
||||||
"refs": ["https://www.welivesecurity.com/wp-content/uploads/2019/10/ESET_Winnti.pdf"]
|
"refs": [
|
||||||
}
|
"https://www.welivesecurity.com/wp-content/uploads/2019/10/ESET_Winnti.pdf"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "c1815516-aa2a-43d2-9136-78a8feb054b6",
|
||||||
|
"value": "ShadowHammer"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 127
|
"version": 127
|
||||||
|
|
Loading…
Reference in a new issue