MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-30 02:37:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Added SaintBear

Browse source
This commit is contained in:
3c7 2022-04-28 09:36:25 +02:00
parent 33476bec81
commit dfb6c0668e
No known key found for this signature in database
GPG key ID: 513563BA3E81D017
1 changed files with 20 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
clusters/threat-actor.json
View file

@ -9164,7 +9164,26 @@
}, },
"uuid": "ad2d6946-1ec2-4d77-b864-39980af4e103", "uuid": "ad2d6946-1ec2-4d77-b864-39980af4e103",
"value": "Killnet" "value": "Killnet"
},
{
"description": "A group targeting UA state organizations using the GraphSteel and GrimPlant malware.",
"uuid": "c67d3dfb-ab39-46e1-a971-5efdfe6a5b9f",
"value": "SaintBear",
"meta": {
"synonyms": [
"UNC2589",
"TA471",
"UAC-0056"
],
"refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/win.graphsteel",
"https://cert.gov.ua/article/38374",
"https://blog.malwarebytes.com/threat-intelligence/2022/04/new-uac-0056-activity-theres-a-go-elephant-in-the-room/",
"https://www.intezer.com/blog/research/elephant-malware-targeting-ukrainian-orgs/",
"https://www.sentinelone.com/blog/threat-actor-uac-0056-targeting-ukraine-with-fake-translation-software/"
]
}
} }
], ],
"version": 218 "version": 219
} }