mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 10:17:18 +00:00
[threat-actors] Add Void Banshee
This commit is contained in:
parent
32e2e04a3c
commit
d77d3398ab
1 changed files with 10 additions and 0 deletions
|
@ -16358,6 +16358,16 @@
|
||||||
},
|
},
|
||||||
"uuid": "745fd45f-9076-4c88-a977-01940bc0d36e",
|
"uuid": "745fd45f-9076-4c88-a977-01940bc0d36e",
|
||||||
"value": "Water Sigbin"
|
"value": "Water Sigbin"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Void Banshee is an APT group targeting North America, Europe, and Southeast Asia for information theft and financial gain. They exploit vulnerabilities like CVE-2024-38112 to deliver the Atlantida info-stealer through malicious PDFs disguised as book files. The group uses internet shortcuts with MHTML protocol handlers to access and execute files through disabled Internet Explorer, posing a significant threat to organizations. Void Banshee's TTPs include crafting URL strings to control window sizes in IE and using HTML files to hide malicious downloads from victims.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.trendmicro.com/en_us/research/24/g/CVE-2024-38112-void-banshee.html"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "df584835-97da-4e27-ab35-bcd3c5bf7815",
|
||||||
|
"value": "Void Banshee"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 312
|
"version": 312
|
||||||
|
|
Loading…
Reference in a new issue