More RATs added

This commit is contained in:
Alexandre Dulaunoy 2016-03-20 09:17:41 +01:00
parent 4a7d9461f9
commit efc82d734a

View file

@ -8,7 +8,9 @@
"value": "MSUpdater" "value": "MSUpdater"
}, },
{ {
"value": "Poison Ivy" "value": "Poison Ivy",
"description": "Poison Ivy is a RAT which was freely available and first released in 2005.",
"refs": ["https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-poison-ivy.pdf"]
}, },
{ {
"value": "Torn RAT" "value": "Torn RAT"
@ -103,6 +105,28 @@
"value": "AlienSpy", "value": "AlienSpy",
"description": "RAT for Apple OS X platforms" "description": "RAT for Apple OS X platforms"
}, },
{
"value": "Gh0st Rat",
"description": "Gh0st Rat is a well-known Chinese remote access trojan which was originally made by C.Rufus Security Team several years ago.",
"synonyms": ["Gh0stRat, GhostRat"],
"refs": ["http://download01.norman.no/documents/ThemanyfacesofGh0stRat.pdf"]
},
{
"value": "Fakem RAT",
"description": "Fakem RAT makes their network traffic look like well-known protocols (e.g. Messenger traffic, HTML pages). ",
"synonyms": ["FAKEM"],
"refs": ["http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-fakem-rat.pdf"]
},
{
"value": "MFC Huner",
"synonyms": ["Hupigon", "BKDR_HUPIGON"],
"refs": ["http://blog.trendmicro.com/trendlabs-security-intelligence/japan-us-defense-industries-among-targeted-entities-in-latest-attack/"]
},
{
"value": "Blackshades",
"description": "Blackshades Remote Access Tool targets Microsoft Windows operating systems. Authors were arrested in 2012 and 2014.",
"refs": ["https://www.justice.gov/usao-sdny/pr/manhattan-us-attorney-and-fbi-assistant-director-charge-announce-charges-connection","https://blog.malwarebytes.org/intelligence/2012/06/you-dirty-rat-part-2-blackshades-net/"]
},
{ {
"value": "CORESHELL" "value": "CORESHELL"
}, },