mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
[threat-actors] Add Earth Hundun
This commit is contained in:
parent
64533dba91
commit
bf5dd6e382
1 changed files with 11 additions and 0 deletions
|
@ -15620,6 +15620,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "2742b229-02f4-40d0-9b99-91844a2b030e",
|
"uuid": "2742b229-02f4-40d0-9b99-91844a2b030e",
|
||||||
"value": "RUBYCARP"
|
"value": "RUBYCARP"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Earth Hundun is a cyberespionage threat actor targeting technology and government sectors in the Asia-Pacific region. They are known for using the Waterbear and Deuterbear malware, which have advanced evasion tactics and anti-analysis mechanisms. The group has been active since at least 2009 and continuously refines their malware to bypass antivirus software. Earth Hundun's attacks involve phishing emails, malware droppers, and backdoors to infiltrate organizations and gather intelligence.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.trendmicro.com/en_us/research/24/d/earth-hundun-waterbear-deuterbear.html",
|
||||||
|
"https://blogs.jpcert.or.jp/en/2022/03/jsac2022report1.html"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "edd85e27-9d05-4bc7-9b2b-5422e909336a",
|
||||||
|
"value": "Earth Hundun"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 305
|
"version": 305
|
||||||
|
|
Loading…
Reference in a new issue