mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-22 23:07:19 +00:00
[threat-actors] Add Storm-0324
This commit is contained in:
Mathieu Beligon
parent
f80bcdd97f
commit
e2fd005821
1 changed files with 26 additions and 1 deletions
|
|
@ -11646,7 +11646,32 @@
|
||||||
},
|
},
|
||||||
"uuid": "01ac8b25-492e-444b-891b-968f2694e7b2",
|
"uuid": "01ac8b25-492e-444b-891b-968f2694e7b2",
|
||||||
"value": "MoustachedBouncer"
|
"value": "MoustachedBouncer"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to ransomware deployment.",
|
||||||
|
"meta": {
|
||||||
|
"references": [
|
||||||
|
"https://www.microsoft.com/en-us/security/blog/2023/09/12/malware-distributor-storm-0324-facilitates-ransomware-access/",
|
||||||
|
"https://www.proofpoint.com/us/blog/threat-insight/jssloader-recoded-and-reloaded"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"DEV-0324",
|
||||||
|
"Sagrid",
|
||||||
|
"TA543"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"related": [
|
||||||
|
{
|
||||||
|
"dest-uuid": "5db89188-568d-40d2-9320-5fb4a06fbd51",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"likely\""
|
||||||
|
],
|
||||||
|
"type": "uses"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"uuid": "8cb6f57b-9ebb-45a6-a89f-9efdb8065d70",
|
||||||
|
"value": "Storm-0324"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 281
|
"version": 282
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue