More actors CN,TN and RU + synonyms

2024-11-26 16:57:18 +00:00 · 2016-03-02 07:27:06 +01:00 · 2016-03-02 07:27:06 +01:00 · ddd49b277d
commit ddd49b277d
parent c4caaeb5d0
1 changed files with 30 additions and 3 deletions
--- a/elements/adversary-groups.json
+++ b/elements/adversary-groups.json
@ -3,7 +3,7 @@
  "description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
  "authors": ["Alexandre Dulaunoy", "Florian Roth", "Various"],
  "type": "Adversary Groups",
-  "groups"  : ["Comment Crew","Putter Panda","Sofacy","APT 29","Turla Group","Energetic Bear","Sandworm","Anunak","TeamSpy Crew","BuhTrap","Putter Panda","UPS","IXESHE","APT 16","Aurora Panda","Wekby","Axiom","Shell Crew","Naikon","Lotus Blossom","Hurricane Panda","Emissary Panda","Stone Panda","Nightshade Panda","Hellsing","Night Dragon","Mirage","Anchor Panda","NetTraveler","Ice Fog","HiddenLynx","Beijing Group","Pirate Panda","Radio Panda","Dagger Panda","Samurai Panda","Impersonating Panda","Violin Panda","Toxic Panda","Temper Panda","Flying Kitten","Pirate Panda","Viking Jackal","Cutting Kitten"],
+  "groups"  : ["Comment Crew","Putter Panda","Sofacy","APT 29","Turla Group","Energetic Bear","Sandworm","Anunak","TeamSpy Crew","BuhTrap","Putter Panda","UPS","IXESHE","APT 16","Aurora Panda","Wekby","Axiom","Shell Crew","Naikon","Lotus Blossom","Hurricane Panda","Emissary Panda","Stone Panda","Nightshade Panda","Hellsing","Night Dragon","Mirage","Anchor Panda","NetTraveler","Ice Fog","HiddenLynx","Beijing Group","Pirate Panda","Radio Panda","Dagger Panda","Samurai Panda","Impersonating Panda","Violin Panda","Toxic Panda","Temper Panda","Flying Kitten","Pirate Panda","Viking Jackal","Cutting Kitten","Rebel Jackal","Stalker Panda","Berserk Bear","Dizzy Panda","Predator Panda"],
  "details" : [
                        {
                        "group": "Comment Crew",
@ -13,6 +13,18 @@
                        "synonyms": ["Comment Panda","PLA Unit 61398", "APT 1","Advanced Persistent Threat 1","Byzantine Candor","Group 3","TG-8223"]
                        },
                        {
                        "group": "Stalker Panda",
                        "country": "CN"
                        },
                        {
                        "group": "Predator Panda",
                        "country": "CN"
                        },
                        {
                        "group": "Dizzy Panda",
                        "synonyms": ["LadyBoyle"]
                        },
                        {
                        "group": "Putter Panda",
                        "refs": ["http://cdn0.vox-cdn.com/assets/4589853/crowdstrike-intelligence-report-putter-panda.original.pdf"],
                        "country": "CN",
@ -84,7 +96,8 @@
                        },
                        {
                        "group": "Stone Panda",
-                        "country": "CN"
+                        "country": "CN",
                        "synonyms": ["APT10","APT 10","menuPass","happyyongzi","POTASSIUM"]
                        },
                        {
                        "group": "Nightshade Panda",
@ -123,7 +136,12 @@
                        "group": "Ice Fog",
                        "refs": ["https://securelist.com/blog/research/57331/the-icefog-apt-a-tale-of-cloak-and-three-daggers/"],
                        "country": "CN",
-                        "synomyns": ["IceFog"]
+                        "synomyns": ["IceFog","Dagger Panda"]
                        },
                        {
                        "group": "Pitty Panda",
                        "country": "CN",
                        "synonyms": ["PittyTiger", "MANGANESE"]
                        },
                        {
                        "group": "HiddenLynx",
@ -186,6 +204,11 @@
                        "country": "IR"
                        },
                        {
                        "group": "Rebel Jackal",
                        "synonyms": ["FallagaTeam"],
                        "country": "TN"
                        },
                        {
                        "group": "Viking Jackal",
                        "synonyms": ["Vikingdom"],
                        "country": "AE"
@ -236,6 +259,10 @@
                        "refs": ["http://www.welivesecurity.com/2015/11/11/operathion-buhtrap-malware-distributed-via-ammyy-com/"],
                        "country": "RU",
                        "synonyms": [""]
                        },
                        {
                        "group": "Berserk Bear",
                        "country": "RU"
                        }
              ]
 }