mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-22 23:07:19 +00:00
[threat-actors] Add Storm-0324
This commit is contained in:
parent
f80bcdd97f
commit
e2fd005821
1 changed files with 26 additions and 1 deletions
|
@ -11646,7 +11646,32 @@
|
|||
},
|
||||
"uuid": "01ac8b25-492e-444b-891b-968f2694e7b2",
|
||||
"value": "MoustachedBouncer"
|
||||
},
|
||||
{
|
||||
"description": "The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to ransomware deployment.",
|
||||
"meta": {
|
||||
"references": [
|
||||
"https://www.microsoft.com/en-us/security/blog/2023/09/12/malware-distributor-storm-0324-facilitates-ransomware-access/",
|
||||
"https://www.proofpoint.com/us/blog/threat-insight/jssloader-recoded-and-reloaded"
|
||||
],
|
||||
"synonyms": [
|
||||
"DEV-0324",
|
||||
"Sagrid",
|
||||
"TA543"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
{
|
||||
"dest-uuid": "5db89188-568d-40d2-9320-5fb4a06fbd51",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "uses"
|
||||
}
|
||||
],
|
||||
"version": 281
|
||||
"uuid": "8cb6f57b-9ebb-45a6-a89f-9efdb8065d70",
|
||||
"value": "Storm-0324"
|
||||
}
|
||||
],
|
||||
"version": 282
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue