From cdc80e5596218bec148009f3ff6de91310e24bcc Mon Sep 17 00:00:00 2001 From: Thanat0s Date: Sun, 26 Feb 2017 20:02:34 +0100 Subject: [PATCH] Pimp RarStone --- clusters/tool.json | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/clusters/tool.json b/clusters/tool.json index cc6af7f..ea337c4 100644 --- a/clusters/tool.json +++ b/clusters/tool.json @@ -432,7 +432,16 @@ } }, { - "value": "RARSTONE" + "value": "RARSTONE", + "description": "RARSTONE is a Remote Access Tool (RAT) discovered early 2013 by TrendMicro, it’s characterized by a great affinity with the other RAT know as Plug is and was used in April for phishing campaigns that followed the dramatic attack to the Boston Marathon.", + "meta": { + "refs": [ + "http://blog.trendmicro.com/trendlabs-security-intelligence/bkdr_rarstone-new-rat-to-watch-out-for/" + ], + "type": [ + "Backdoor" + ] + } }, { "value": "BACKSPACe"