mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-22 23:07:19 +00:00
More RATs added
This commit is contained in:
parent
4a7d9461f9
commit
efc82d734a
1 changed files with 25 additions and 1 deletions
|
@ -8,7 +8,9 @@
|
|||
"value": "MSUpdater"
|
||||
},
|
||||
{
|
||||
"value": "Poison Ivy"
|
||||
"value": "Poison Ivy",
|
||||
"description": "Poison Ivy is a RAT which was freely available and first released in 2005.",
|
||||
"refs": ["https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-poison-ivy.pdf"]
|
||||
},
|
||||
{
|
||||
"value": "Torn RAT"
|
||||
|
@ -103,6 +105,28 @@
|
|||
"value": "AlienSpy",
|
||||
"description": "RAT for Apple OS X platforms"
|
||||
},
|
||||
{
|
||||
"value": "Gh0st Rat",
|
||||
"description": "Gh0st Rat is a well-known Chinese remote access trojan which was originally made by C.Rufus Security Team several years ago.",
|
||||
"synonyms": ["Gh0stRat, GhostRat"],
|
||||
"refs": ["http://download01.norman.no/documents/ThemanyfacesofGh0stRat.pdf"]
|
||||
},
|
||||
{
|
||||
"value": "Fakem RAT",
|
||||
"description": "Fakem RAT makes their network traffic look like well-known protocols (e.g. Messenger traffic, HTML pages). ",
|
||||
"synonyms": ["FAKEM"],
|
||||
"refs": ["http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-fakem-rat.pdf"]
|
||||
},
|
||||
{
|
||||
"value": "MFC Huner",
|
||||
"synonyms": ["Hupigon", "BKDR_HUPIGON"],
|
||||
"refs": ["http://blog.trendmicro.com/trendlabs-security-intelligence/japan-us-defense-industries-among-targeted-entities-in-latest-attack/"]
|
||||
},
|
||||
{
|
||||
"value": "Blackshades",
|
||||
"description": "Blackshades Remote Access Tool targets Microsoft Windows operating systems. Authors were arrested in 2012 and 2014.",
|
||||
"refs": ["https://www.justice.gov/usao-sdny/pr/manhattan-us-attorney-and-fbi-assistant-director-charge-announce-charges-connection","https://blog.malwarebytes.org/intelligence/2012/06/you-dirty-rat-part-2-blackshades-net/"]
|
||||
},
|
||||
{
|
||||
"value": "CORESHELL"
|
||||
},
|
||||
|
|
Loading…
Reference in a new issue