mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-23 07:17:17 +00:00
[threat-actors] Add TA575
This commit is contained in:
Mathieu Beligon
parent
c52ac53765
commit
e836a4a63c
1 changed files with 55 additions and 0 deletions
|
|
@ -10061,6 +10061,61 @@
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"value": "TA570"
|
"value": "TA570"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "TA575 is a Dridex affiliate tracked by Proofpoint since late 2020. This group distributes malware such as Dridex, Qakbot, and WastedLocker via malicious URLs, Office attachments, and password-protected files. On average, TA575 distributes almost 4,000 messages per campaign impacting hundreds of organizations.",
|
||||||
|
"meta": {
|
||||||
|
"references": [
|
||||||
|
"https://blogs.blackberry.com/en/2021/08/blackberry-prevents-threat-actor-group-ta575-and-dridex-malware",
|
||||||
|
"https://www.proofpoint.com/us/blog/threat-insight/ta575-uses-squid-game-lures-distribute-dridex-malware",
|
||||||
|
"https://www.zdnet.com/article/ta575-criminal-group-using-squid-game-lures-for-dridex-malware/"
|
||||||
|
],
|
||||||
|
},
|
||||||
|
"related": [
|
||||||
|
{
|
||||||
|
"dest-uuid": "b4216929-1626-4444-bdd7-bfd4b68a766e",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"very-likely\""
|
||||||
|
],
|
||||||
|
"type": "uses"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"dest-uuid": "f01e2711-4b48-4192-a2e8-5f56c945ca19",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"very-likely\""
|
||||||
|
],
|
||||||
|
"type": "uses"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"dest-uuid": "edc5e045-5401-42bb-ad92-52b5b2ee0de9",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"very-likely\""
|
||||||
|
],
|
||||||
|
"type": "uses"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"dest-uuid": "2ccaccd0-8362-4224-8497-2012e7cc7549",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"very-likely\""
|
||||||
|
],
|
||||||
|
"type": "uses"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"dest-uuid": "e72a0bde-ea5b-4450-bc90-b5d2dca697b4",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"very-likely\""
|
||||||
|
],
|
||||||
|
"type": "uses"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"dest-uuid": "46cbafbc-8907-42d3-9002-5327c26f8927",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"very-likely\""
|
||||||
|
],
|
||||||
|
"type": "uses"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"value": "TA575"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 258
|
"version": 258
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue