mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 08:47:18 +00:00
Merge branch 'master' of https://github.com/Kafeine/misp-galaxy into Kafeine-master
This commit is contained in:
commit
e55f91b7ac
1 changed files with 35 additions and 6 deletions
|
@ -17,7 +17,7 @@
|
||||||
"http://malware.dontneedcoffee.com/2014/09/astrum-ek.html",
|
"http://malware.dontneedcoffee.com/2014/09/astrum-ek.html",
|
||||||
"http://www.welivesecurity.com/2016/12/06/readers-popular-websites-targeted-stealthy-stegano-exploit-kit-hiding-pixels-malicious-ads/"
|
"http://www.welivesecurity.com/2016/12/06/readers-popular-websites-targeted-stealthy-stegano-exploit-kit-hiding-pixels-malicious-ads/"
|
||||||
],
|
],
|
||||||
"status": "Active",
|
"status": "Retired - Last seen 2017-06-14",
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"Stegano EK"
|
"Stegano EK"
|
||||||
]
|
]
|
||||||
|
@ -25,10 +25,39 @@
|
||||||
"uuid": "e9ca60cd-94fc-4a54-ac98-30e675a46b3e",
|
"uuid": "e9ca60cd-94fc-4a54-ac98-30e675a46b3e",
|
||||||
"value": "Astrum"
|
"value": "Astrum"
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"description": "Underminer EK is an exploit kit that seems to be used privately against users in Asia. Functionalities: browser profiling and filtering, preventing of client revisits, URL randomization, and asymmetric encryption of payloads.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://blog.trendmicro.com/trendlabs-security-intelligence/new-underminer-exploit-kit-delivers-bootkit-and-cryptocurrency-mining-malware-with-encrypted-tcp-tunnel/",
|
||||||
|
"http://bobao.360.cn/interref/detail/248.html"
|
||||||
|
],
|
||||||
|
"status": "Active",
|
||||||
|
"synonyms": [
|
||||||
|
"Underminer EK"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "49492577-62dd-491d-95d4-92a47adbd98a",
|
||||||
|
"value": "Underminer"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Fallout Exploit Kit appeared at the end of August 2018 as an updated Nuclear Pack featuring current exploits seen in competiting Exploit Kit.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.nao-sec.org/2018/09/hello-fallout-exploit-kit.html"
|
||||||
|
],
|
||||||
|
"status": "Active",
|
||||||
|
"synonyms": [
|
||||||
|
"Fallout"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "1f05f646-5af6-4a95-825b-164f49616aa4",
|
||||||
|
"value": "Fallout"
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"description": "Bingo EK is the name chosen by the defense for a Fiesta-ish EK first spotted in March 2017 and targetting at that times mostly Russia",
|
"description": "Bingo EK is the name chosen by the defense for a Fiesta-ish EK first spotted in March 2017 and targetting at that times mostly Russia",
|
||||||
"meta": {
|
"meta": {
|
||||||
"status": "Active"
|
"status": "Retired - Last seen 2017-07-07"
|
||||||
},
|
},
|
||||||
"uuid": "9e864c01-3d9e-4b8d-811e-46471ff866e9",
|
"uuid": "9e864c01-3d9e-4b8d-811e-46471ff866e9",
|
||||||
"value": "Bingo"
|
"value": "Bingo"
|
||||||
|
@ -39,7 +68,7 @@
|
||||||
"refs": [
|
"refs": [
|
||||||
"https://www.trustwave.com/Resources/SpiderLabs-Blog/Terror-Exploit-Kit--More-like-Error-Exploit-Kit/"
|
"https://www.trustwave.com/Resources/SpiderLabs-Blog/Terror-Exploit-Kit--More-like-Error-Exploit-Kit/"
|
||||||
],
|
],
|
||||||
"status": "Active",
|
"status": "Retired - Last seen 2017-11-11",
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"Blaze EK",
|
"Blaze EK",
|
||||||
"Neptune EK"
|
"Neptune EK"
|
||||||
|
@ -56,7 +85,7 @@
|
||||||
"http://blog.trendmicro.com/trendlabs-security-intelligence/pawn-storm-ramps-up-spear-phishing-before-zero-days-get-patched/",
|
"http://blog.trendmicro.com/trendlabs-security-intelligence/pawn-storm-ramps-up-spear-phishing-before-zero-days-get-patched/",
|
||||||
"https://www.welivesecurity.com/2017/12/21/sednit-update-fancy-bear-spent-year/"
|
"https://www.welivesecurity.com/2017/12/21/sednit-update-fancy-bear-spent-year/"
|
||||||
],
|
],
|
||||||
"status": "Active",
|
"status": "Retired - Last seen ",
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"Sednit RTF EK"
|
"Sednit RTF EK"
|
||||||
]
|
]
|
||||||
|
@ -228,7 +257,7 @@
|
||||||
"refs": [
|
"refs": [
|
||||||
"https://www.proofpoint.com/us/threat-insight/post/Hunter-Exploit-Kit-Targets-Brazilian-Banking-Customers"
|
"https://www.proofpoint.com/us/threat-insight/post/Hunter-Exploit-Kit-Targets-Brazilian-Banking-Customers"
|
||||||
],
|
],
|
||||||
"status": "Retired - Last seen 2017-02-06",
|
"status": "Active",
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"3ROS Exploit Kit"
|
"3ROS Exploit Kit"
|
||||||
]
|
]
|
||||||
|
@ -705,5 +734,5 @@
|
||||||
"value": "Unknown"
|
"value": "Unknown"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 8
|
"version": 9
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue