mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-22 23:07:19 +00:00
fix: [threat-actor] fix JSON
This commit is contained in:
parent
0dd2f95a50
commit
c306125679
1 changed files with 5 additions and 5 deletions
|
@ -13789,13 +13789,15 @@
|
|||
{
|
||||
"description": "First disclosed in 2023, the Sandman APT is likely associated with suspected China-based threat clusters known for using the KEYPLUG backdoor, specifically STORM-0866/Red Dev 40. Sandman is tracked as a distinct cluster, pending additional conclusive information. A notable characteristic is its use of the LuaDream backdoor. LuaDream is based on the Lua platform, a relatively rare occurrence in the cyberespionage domain, historically associated with APTs considered Western or Western-aligned.",
|
||||
"meta": {
|
||||
"attribution-confidence": "50",
|
||||
"cfr-suspected-state-sponsor": "China",
|
||||
"cfr-suspected-victims": [
|
||||
"Middle East",
|
||||
"Southeast Asian",
|
||||
"France",
|
||||
"Egypt",
|
||||
"Sudan",
|
||||
"South Sudan"
|
||||
"South Sudan",
|
||||
"Libya",
|
||||
"Turkey",
|
||||
"Saudi Arabia",
|
||||
|
@ -13814,10 +13816,8 @@
|
|||
"Government",
|
||||
"Telecommunications"
|
||||
],
|
||||
"attribution-confidence": "50",
|
||||
"country": "CN",
|
||||
"cfr-suspected-state-sponsor": "China",
|
||||
"cfr-type-of-incident": "Espionage",
|
||||
"country": "CN",
|
||||
"references": [
|
||||
"https://www.sentinelone.com/labs/sandman-apt-china-based-adversaries-embrace-lua/",
|
||||
"https://www.sentinelone.com/labs/sandman-apt-a-mystery-group-targeting-telcos-with-a-luajit-toolkit/"
|
||||
|
@ -13827,5 +13827,5 @@
|
|||
"value": "Sandman APT"
|
||||
}
|
||||
],
|
||||
"version": 295
|
||||
"version": 296
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue