From cd76f19f52e94a61f0d500fa3cdbf89a758e1c19 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Wed, 15 Aug 2018 20:25:57 +0200 Subject: [PATCH] chg: [threat-actor] APT-C-35 actor added ref: https://ti.360.net/blog/articles/latest-activity-of-apt-c-35/ --- clusters/threat-actor.json | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index 251b002..045640b 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -5365,7 +5365,20 @@ }, "uuid": "71a3b962-9a36-11e8-88f8-b31d20c6fa2a", "value": "RedAlpha" + }, + { + "value": "APT-C-35", + "uuid": "b9dc4e81-909f-4324-8b25-a0f359cd88e0", + "description": "In March 2017, the 360 Chasing Team found a sample of targeted attacks that confirmed the previously unknown sample of APT's attack actions, which the organization can now trace back at least in April 2016. The chasing team named the attack organization APT-C-35. In June 2017, the 360 Threat Intelligence Center discovered the organization’s new attack activity, confirmed and exposed the gang’s targeted attacks against Pakistan, and analyzed in detail. The unique EHDevel malicious code framework used by the organization", + "meta": { + "refs": [ + "https://ti.360.net/blog/articles/latest-activity-of-apt-c-35/" + ], + "synonyms": [ + "DoNot Team" + ] + } } ], - "version": 52 + "version": 53 }