Merge pull request #462 from Delta-Sierra/master

add synonyms
Alexandre Dulaunoy 2019-10-07 15:27:20 +02:00 committed by GitHub
commit e591852ec0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 23 additions and 3 deletions


@ -13444,6 +13444,9 @@
"meta": { "meta": {
"refs": [ "refs": [
"https://blog.talosintelligence.com/2019/04/sodinokibi-ransomware-exploits-weblogic.html" "https://blog.talosintelligence.com/2019/04/sodinokibi-ransomware-exploits-weblogic.html"
],
"synonyms": [
"REvil"
] ]
}, },
"uuid": "24bd9a4b-2b66-428b-8e1c-6b280b056c00", "uuid": "24bd9a4b-2b66-428b-8e1c-6b280b056c00",
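Review bot: The top-level `"version"` of this file is not incremented, although the hunk adds the `REvil` synonym to the entry that cites the Sodinokibi write-up. The other two files in the commit each raise theirs (31 to 32, 125 to 126), and the diffstat of 23 additions and 3 deletions is fully accounted for by the visible hunks, so the bump looks missing rather than off-page. If consumers re-import a cluster file only when its version increases, which the bumps in the sibling files suggest, the new synonym would not reach deployed instances and lookups on `REvil` would keep missing this entry. Suggest raising this file's `"version"` by one in the same commit. The enclosing entry begins and ends outside the hunk.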


@ -1934,7 +1934,9 @@
"https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/PLUGX" "https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/PLUGX"
], ],
"synonyms": [ "synonyms": [
"Korplug" "Korplug",
"SOGU",
"Scontroller"
] ]
}, },
"related": [ "related": [
@ -3416,5 +3418,5 @@
"value": "InnfiRAT" "value": "InnfiRAT"
} }
], ],
"version": 31 "version": 32
} }


@ -7844,7 +7844,22 @@
}, },
"uuid": "a577bb0d-9732-449a-80f7-5e6c93e6046c", "uuid": "a577bb0d-9732-449a-80f7-5e6c93e6046c",
"value": "Reductor" "value": "Reductor"
},
{
"description": "Legitimate tool - command-line tool used to monitor a running process and dump memory depending on customcriteria. The attackers use this tool to dump the LSASS process to gatherWINDOWScredentials hashes",
"uuid": "1ae22855-c343-4ae9-8cab-522c9da938aa",
"value": "ProcDump"
},
{
"description": "Legitimate tool - command-line tool used to import and export certificates on a machine. The attackers use this toolto gather credentials used for VPN authentication to the clients networks",
"uuid": "fadd0d1f-b098-43ea-b7a6-50fb58aef9f6",
"value": "CertMig"
},
{
"description": "Legitimate tool - tool used to scan IPv4/IPv6 networks and remotely execute PowerShell commands.",
"uuid": "bbba3a35-5064-4e60-ad4b-0ba16cc81a23",
"value": "Netscan"
} }
], ],
"version": 125 "version": 126
} }
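Review bot: The `description` strings of the new ProcDump and CertMig entries contain fused words (`customcriteria`, `gatherWINDOWScredentials`, `toolto`), which hurts full-text search and readability for analysts. They should read `depending on custom criteria`, `to gather Windows credential hashes`, `use this tool to gather credentials` and `the clients' networks`. The three new entries also carry only `description`, `uuid` and `value`, with no `meta` block, so no `refs` link points to the report that attributes this usage to the attackers. ProcDump, CertMig and Netscan are described as legitimate tools, so a source reference would help a defender weigh a match in context rather than treat the tool's presence alone as malicious. Earlier entries of the array lie outside the hunk, so whether `meta.refs` is expected for every entry cannot be confirmed from here.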