VVX7
e4998efec9
chg: [galaxy] added AMITT galaxy/cluster generator script
2019-10-08 13:52:08 -04:00
VVX7
a0357c735e
chg: [galaxy] version number to int
2019-10-07 19:19:45 -04:00
VVX7
0a29445b44
new: [galaxy] AMITT (Adversarial Misinformation and Influence Tactics and Techniques) framework for describing disinformation incidents. AMITT is part of misinfosec - work on adapting information security practices to help track and counter misinformation - and is designed as far as possible to fit existing infosec practices and tools.
2019-10-07 19:07:25 -04:00
Deborah Servili
c27385cfa4
jq
2019-10-07 14:38:16 +02:00
Deborah Servili
5355910a8f
add legitimate tools
2019-10-07 13:38:40 +02:00
Deborah Servili
19452d8c1f
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2019-10-07 11:07:00 +02:00
Deborah Servili
569d453ff2
update version
2019-10-07 11:06:27 +02:00
Deborah Servili
0795eecd01
add PlugX rat sysnonyms
2019-10-07 11:04:33 +02:00
ac8236d16d
chg: [misp-galaxy] jq all the things
2019-10-03 14:46:07 +02:00
9e82b025b5
chg: [tool] COMPfun - Reductor added
...
Ref: https://securelist.com/compfun-successor-reductor/93633/
2019-10-03 14:25:44 +02:00
Deborah Servili
cb774002c9
add Sodinokibi synonym
2019-10-02 11:44:54 +02:00
Deborah Servili
82824be700
fix empty string
2019-09-30 12:55:31 +02:00
Deborah Servili
b7c9d3e034
jq
2019-09-30 11:56:28 +02:00
Deborah Servili
fca032ea73
add TVSPY tool
2019-09-30 10:45:53 +02:00
Deborah Servili
f6c075c3df
WIP update target info
2019-09-27 16:22:01 +02:00
Deborah Servili
c305640290
new galaxy - Region based on UN M49
2019-09-26 13:01:41 +02:00
Deborah Servili
d0068b0ce0
WIP update target info
2019-09-25 15:39:02 +02:00
Deborah Servili
a4b59f647c
jq
2019-09-25 13:41:55 +02:00
Deborah Servili
335402c886
Merge branch 'master' of https://github.com/MISP/misp-galaxy into target-location-galaxy
2019-09-25 13:39:33 +02:00
Deborah Servili
bb3f9dc183
WIP update target info - fix empty string
2019-09-25 13:31:46 +02:00
309109eb27
chg: [threat-actor] new LookBack (Malware?Campaign?TA?)
...
Signed-off: During MISP training
2019-09-25 12:12:34 +02:00
Deborah Servili
9068e3c742
WIP update target info
2019-09-25 11:46:10 +02:00
a5ae130916
chg: [threat-actor] Evil Eye and POISON CARP
...
Ref: https://citizenlab.ca/2019/09/poison-carp-tibetan-groups-targeted-with-1-click-mobile-exploits/
Signed-off: Jean-Louis during training session
2019-09-25 11:27:03 +02:00
Deborah Servili
83ee520dd5
WIP update target info
2019-09-25 09:44:34 +02:00
Deborah Servili
638cdd4198
version update
2019-09-20 14:54:56 +02:00
Deborah Servili
b9b4b9c651
Add Tortoiseshell thrat actor
2019-09-20 14:53:25 +02:00
Deborah Servili
6d88367497
moar clusters
2019-09-20 09:50:37 +02:00
42f457fc22
Merge pull request #457 from rmkml/master
...
Add Mr.Dec Ransomware
2019-09-17 10:17:11 +02:00
rmkml
5631d210a0
Add Mr.Dec Ransomware
2019-09-17 00:44:56 +02:00
cc134d7dff
Merge pull request #456 from rmkml/master
...
Add Hildacrypt Ransomware
2019-09-15 18:24:03 +02:00
rmkml
dff982be20
Add Hildacrypt Ransomware
2019-09-14 21:49:16 +02:00
55da11f8ba
Merge pull request #455 from rmkml/master
...
Add InnfiRAT
2019-09-14 08:16:35 +02:00
rmkml
f907797d41
Add InnfiRAT
2019-09-14 00:08:54 +02:00
Deborah Servili
7e892eaa7d
update target information [draft]
2019-09-13 16:35:20 +02:00
Deborah Servili
2588df01cc
update target information
2019-09-12 16:22:11 +02:00
StefanKelm
db2b5a13ef
Update threat-actor.json
...
Silent Librarian
2019-09-12 11:57:03 +02:00
Deborah Servili
1eb23bc55b
update target information
2019-09-12 11:10:41 +02:00
Deborah Servili
6c430ad21e
improve target-information
2019-09-11 16:32:29 +02:00
rmkml
7c89cb308c
Merge branch 'master' into master
2019-09-07 19:52:05 +02:00
rmkml
dfc6321e0c
Add AsyncRAT
2019-09-07 19:43:08 +02:00
Deborah Servili
718ea55dd7
Merge branch 'master' into master
2019-09-04 14:42:47 +02:00
Deborah Servili
9e3a998dfc
aff SectorJ04 group
2019-09-03 15:51:21 +02:00
9690d070ab
Merge pull request #450 from rmkml/master
...
Add Buran Ransomware
2019-09-02 07:39:19 +02:00
rmkml
28ec696272
Add Buran Ransomware
2019-09-01 21:20:28 +02:00
Daniel Plohmann
f40b7dd132
'SectorJ04 Group' as alias introduced by NSHC for TA505
...
Not explicitly mentioned in the blog post but it looks like we just got an alias for TA505... https://threatrecon.nshc.net/2019/08/29/sectorj04-groups-increased-activity-in-2019/
2019-09-01 15:46:36 +02:00
9920461294
Merge pull request #448 from rmkml/master
...
Add Nemty Ransomware
2019-08-31 21:27:50 +02:00
rmkml
e79310c861
Add Nemty Ransomware
2019-08-31 21:08:50 +02:00
c7e6a17a31
Merge pull request #447 from Delta-Sierra/target-location-galaxy
...
improve more clusters
2019-08-30 16:37:39 +02:00
Deborah Servili
5504c10e3d
improve more clusters
2019-08-30 16:32:02 +02:00
b986f06cb4
Merge pull request #446 from wagner-certat/tool-empty-strings
...
Add test for empty strings
2019-08-30 11:10:16 +02:00
0966e58da6
Merge branch 'master' of github.com:MISP/misp-galaxy
2019-08-30 11:06:29 +02:00
f5056ff02e
chg: [threat-actor] add machete-apt synonyms as reported in #445
2019-08-30 11:03:30 +02:00
Deborah Servili
2c248db419
Merge pull request #441 from Delta-Sierra/target-location-galaxy
...
More clusters improved
2019-08-30 10:15:56 +02:00
Sebastian Wagner
e13087a9c4
target-information: fix territory-type for China
2019-08-30 10:08:19 +02:00
StefanKelm
49f8f60a85
Update threat-actor.json
...
Add ITG08 as synonym for FIN6
2019-08-29 13:13:00 +02:00
8d78a2a108
chg: [threat-actor] jq all
2019-08-29 08:31:10 +02:00
791c88f2eb
Merge branch 'master' of https://github.com/Delta-Sierra/misp-galaxy into Delta-Sierra-master
2019-08-29 08:30:41 +02:00
Deborah Servili
395dd93e0f
add Asruex Backdoor
2019-08-28 15:40:03 +02:00
9926ea8826
chg: [threat-actor] LYCEUM added - 443 #fixed
2019-08-28 14:35:12 +02:00
Deborah Servili
ea68336b96
add ref for Gamaredon
2019-08-27 08:28:58 +02:00
Deborah Servili
300e3c2bfb
More clusters improved
2019-08-26 17:50:20 +02:00
775b6d1a09
Merge pull request #440 from Delta-Sierra/target-location-galaxy
...
Target location galaxy
2019-08-23 16:29:23 +02:00
Deborah Servili
fcded146c2
More clusters improved
2019-08-23 16:01:12 +02:00
Deborah Servili
bae47241f0
More clusters improved
2019-08-23 11:14:14 +02:00
a68577a967
Merge pull request #439 from Delta-Sierra/target-location-galaxy
...
Target location galaxy
2019-08-22 16:24:57 +02:00
Deborah Servili
a579c041d2
More clusters improved
2019-08-22 15:59:11 +02:00
Deborah Servili
b7a97d1baf
More clusters improved
2019-08-22 11:49:09 +02:00
Deborah Servili
6944236943
more countries
2019-08-20 15:24:16 +02:00
Sebastian Wagner
38aebbf42a
remove empty strings
2019-08-19 17:04:07 +02:00
Deborah Servili
93ca9a3123
Merge pull request #437 from Delta-Sierra/target-location-galaxy
...
Target location galaxy
2019-08-19 08:57:48 +02:00
Deborah Servili
754f8f2a48
complete more cluster + country is now an array
2019-08-14 16:30:28 +02:00
Deborah Servili
3e651e2d74
target-informatione - add membership member-of attribute - Example:member-of NATO
2019-08-13 15:36:10 +02:00
6ca4e4cb17
Merge pull request #436 from Delta-Sierra/target-location-galaxy
...
Target location galaxy
2019-08-13 15:17:41 +02:00
Deborah Servili
e00f139fa2
jq
2019-08-13 13:01:36 +02:00
Deborah Servili
9accc832e3
change attribute name
2019-08-13 12:08:03 +02:00
Deborah Servili
389a82701a
jq
2019-08-13 11:57:28 +02:00
Deborah Servili
e946ce66db
complete some clusters
2019-08-13 11:55:18 +02:00
d48d2ccd3e
Merge pull request #435 from hackunagi/master
...
Adding Amavaldo Banking Trojan
2019-08-10 18:53:05 +02:00
3841447e16
Merge pull request #434 from r0ny123/patch-1
...
added microsoft naming for the groups
2019-08-10 18:52:26 +02:00
Thomas Dupuy
df5c9057a1
add synonyme for Turla
2019-08-09 17:34:22 -04:00
Carlos Borges
d96dc39c5a
Adding Amavaldo Banking Trojan
2019-08-09 18:00:37 -03:00
Rony
feac39db6b
added microsoft naming for the groups
2019-08-09 22:19:09 +05:30
Thomas Dupuy
320e298549
update victims
2019-08-09 10:45:10 -04:00
Thomas Dupuy
1988662ee5
add APT41
2019-08-09 10:24:06 -04:00
Deborah Servili
e239619d15
jq
2019-08-06 15:42:20 +02:00
Deborah Servili
53df0908c7
update version
2019-08-06 15:34:23 +02:00
Deborah Servili
4bef48b33e
add Amavaldo
2019-08-06 13:28:32 +02:00
Nils Kuhnert
17925f3e10
Remove local file link :)
2019-08-03 18:55:00 +02:00
Deborah Servili
21318cdf3d
fix building mistakes
2019-08-02 16:28:32 +02:00
7913adad61
chg: [threat-actor] rollback as discussed by chat with Andras until version 2.0
2019-08-02 16:08:40 +02:00
Andras Iklody
984be50396
lowercased value field for DarkHotel
2019-08-02 15:40:31 +02:00
17452d31a7
chg: [att&ck] July ATT&CK release included in MISP galaxy
2019-08-01 15:51:03 +02:00
a401ff7405
Merge branch 'master' into patch-13
2019-08-01 08:52:27 +02:00
Daniel Plohmann
0367e16ce0
adding secureworks actor names for energetic bear and teamspy
2019-07-31 14:35:09 +02:00
Daniel Plohmann
a4a72d0698
adding Proofpoint's TA428
2019-07-31 14:08:50 +02:00
Deborah Servili
08f713cb7d
add tld
...
Signed-off-by: Deborah Servili <deborah.servili@gmail.com>
2019-07-26 16:22:45 +02:00
Deborah Servili
427b424cf7
rename galaxy target-location -> target-information
2019-07-19 13:49:43 +02:00
Deborah Servili
294a8bf6a2
new galaxy target-location [DRAFT]
2019-07-19 10:30:47 +02:00
Deborah Servili
2861d2d78c
jq
2019-07-16 10:13:10 +02:00
Deborah Servili
ea4d8a2d42
add SWEED threat actor
2019-07-16 10:03:07 +02:00
Deborah Servili
ca45f0deec
jq
2019-06-24 10:22:38 +02:00
Deborah Servili
32ffc98e5d
add Felipe Trojan
2019-06-24 10:20:29 +02:00
9517c8b878
chg: [threat-actor] version updated
2019-06-20 17:58:35 +02:00
8c90f7231c
chg: [threat-actor] duplicated refs removed
2019-06-20 17:35:35 +02:00
5e9d075ae5
chg: [threat-actor] synonyms fixed
2019-06-20 17:30:01 +02:00
195406cc6b
chg: [threat-actor] jq everything
2019-06-20 17:27:55 +02:00
d018519700
Merge branch 'master' of https://github.com/Delta-Sierra/misp-galaxy
2019-06-20 17:23:04 +02:00
Deborah Servili
30f042211b
fix duplicate
2019-06-20 16:35:49 +02:00
Deborah Servili
a984786c8b
update threat actor galaxy
2019-06-20 16:25:23 +02:00
Rony
7afb9083b2
Update threat-actor.json
2019-06-19 23:29:35 +05:30
Deborah Servili
4bd37e2b2d
update threat actor galaxy
2019-06-19 16:38:04 +02:00
Deborah Servili
52e51833de
update threat actor galaxy
2019-06-18 16:05:49 +02:00
Deborah Servili
431e7a36c1
update threat actor galaxy
2019-06-17 16:36:42 +02:00
Deborah Servili
b966369933
##COMMA##
2019-06-14 16:35:55 +02:00
Deborah Servili
1e5292d999
fix duplicate
2019-06-14 16:21:33 +02:00
Deborah Servili
ead217eb28
Update version
2019-06-14 16:11:02 +02:00
Deborah Servili
98f0572d51
update threat actor galaxy
2019-06-14 16:06:09 +02:00
Deborah Servili
b040f9f57b
fix duplicate and links update (APT34)
2019-06-14 08:41:38 +02:00
Deborah Servili
2001652dae
fix duplicate
2019-06-14 08:28:44 +02:00
Deborah Servili
20e77afcc3
update threat actor galaxy
2019-06-13 16:19:21 +02:00
Deborah Servili
11c2f43c9f
tryto fix duplicate
2019-06-13 11:26:42 +02:00
Deborah Servili
e4245ee991
update threat actor galaxy
2019-06-12 16:25:24 +02:00
Deborah Servili
5a3d7e816f
fix duplicate
2019-06-12 09:24:05 +02:00
Deborah Servili
01fade422f
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2019-06-12 09:20:38 +02:00
Deborah Servili
1ba7f19ca2
update threat actor galaxy
2019-06-11 16:14:58 +02:00
Deborah Servili
347ed5d529
jq
2019-06-11 15:57:21 +02:00
Deborah Servili
79f11de6db
update threat actor galaxy
2019-06-11 15:54:39 +02:00
Deborah Servili
d6b458520b
update threat actor galaxy
2019-06-11 11:57:04 +02:00
8c69da1fd9
Merge pull request #413 from Delta-Sierra/master
...
update threat actor galaxy
2019-06-07 20:14:49 +02:00
Deborah Servili
1f2e59addb
update Threat actor galaxy
2019-06-07 16:34:43 +02:00
Deborah Servili
185763a63a
update threat actor
2019-06-06 16:34:09 +02:00
Deborah Servili
b809b9cfbb
update threat actor darkhotel (nemim might be a typo)
2019-06-06 11:58:19 +02:00
Deborah Servili
189c3066a5
update threat actor
2019-06-04 16:32:39 +02:00
3948cc24c1
Merge pull request #412 from Delta-Sierra/master
...
update threat actors and tools
2019-06-04 09:56:47 +02:00
Deborah Servili
468800ed59
FlawedAmmy RAT
2019-06-04 09:10:44 +02:00
Deborah Servili
a6c9d335ee
fix multiple refs
2019-06-04 08:52:34 +02:00
Deborah Servili
b47863f1c1
update threat actors
2019-05-29 16:18:50 +02:00
Deborah Servili
f48167ce77
update threat actors
2019-05-29 15:34:20 +02:00
Deborah Servili
f4cf3464ce
update threat actors and tools
2019-05-28 16:05:54 +02:00
9eac2a3923
Merge pull request #411 from Delta-Sierra/master
...
update threat-actor galaxy
2019-05-28 09:37:14 +02:00
Deborah Servili
bf19ed9d8d
fix merge mistakes
2019-05-28 09:26:24 +02:00
Deborah Servili
77d20739db
update threat actor
2019-05-28 09:24:29 +02:00
Deborah Servili
940762e0c5
update threat actor
2019-05-28 09:22:26 +02:00
Deborah Servili
0bb1420ab7
update threat-actor galaxy
2019-05-27 16:38:01 +02:00
Deborah Servili
af6241fd20
update Anchor Panda Threat Actor
2019-05-27 11:47:05 +02:00
555a87275f
Merge pull request #409 from rmkml/master
...
Add GetCrypt Ransomware
2019-05-25 13:56:30 +02:00
rmkml
de9cc6898a
Add GetCrypt Ransomware
2019-05-25 13:30:15 +02:00
3420e50bfd
Merge pull request #408 from rmkml/master
...
Add Phobos Ransomware
2019-05-25 08:42:26 +02:00
1ece51ed48
chg: [branded_vulnerability] version updated
2019-05-25 08:41:33 +02:00
rmkml
6f140ce358
Merge branch 'master' into master
2019-05-25 00:03:34 +02:00
Deborah Servili
0d97013022
add BlueKeep
2019-05-24 15:55:58 +02:00
Deborah Servili
9d8d5ce1c8
fix ransomware ransomnotes
2019-05-23 16:23:09 +02:00
Deborah Servili
f5a7efaadc
jq
2019-05-23 12:39:53 +02:00
Deborah Servili
b4e4d2e539
rework of ransomware galaxy
2019-05-23 12:39:33 +02:00
Daniel Plohmann
1cc0137c38
adding TA542 to MUMMY SPIDER (emotet)
2019-05-17 17:36:57 +02:00
Rony
380006ecbb
merging Pacifier & Turla
2019-05-16 23:57:49 +05:30
32af463dd1
Merge pull request #403 from Delta-Sierra/master
...
add Reaver and probably related tools
2019-05-16 17:04:14 +02:00
Deborah Servili
9f801122da
add Reaver and probably related tools
2019-05-16 15:45:03 +02:00
Daniel Plohmann
a20f7fbe91
adding APT31/ZIRCONIUM
2019-05-15 22:43:33 +02:00
rmkml
cd58833770
Add Phobos Ransomware
2019-05-15 21:02:32 +02:00
Raphaël Vinot
59869bf145
fix: o365-exchange-techniques (duplicate values, duplicate UUIDs)
2019-05-13 11:15:38 +02:00
Deborah Servili
f8e356e042
Merge pull request #400 from Delta-Sierra/master
...
add Sodinokibi
2019-05-13 08:50:26 +02:00
678b2a5621
chg: [o365-exchange-techniques] Actions on Intent added (finalized)
2019-05-12 18:25:01 +02:00
5d1565152c
chg: [o365-exchange-techniques] Expansion added (WiP)
2019-05-12 18:19:00 +02:00
ee0f793e49
chg: [o365-exchange-techniques] Persistence kill-chain added (WiP)
2019-05-12 17:54:53 +02:00
3a75c6a3df
chg: [o365-exchange-techniques] Compromise row added (WiP)
2019-05-12 12:07:30 +02:00
a2df5c46d8
chg: [o365-exchange-techniques] [WiP] based on John Lambert matrix techniques
2019-05-12 09:51:41 +02:00
Rony
7c0ea4949a
Update threat-actor.json
2019-05-12 11:11:09 +05:30
Deborah Servili
5bbb0ab53d
add Sodinokibi
2019-05-08 15:54:37 +02:00
Raphaël Vinot
82ebbc6612
fix: UUID issues
2019-05-07 12:09:39 +02:00
Raphaël Vinot
988586fde0
fix: Duplicate values, typos.
2019-05-06 17:17:16 +02:00
36f317b4a8
Merge pull request #395 from Delta-Sierra/master
...
add Scranos
2019-05-03 16:22:20 +02:00
Deborah Servili
ad00477c87
add Scarnos
2019-05-03 15:55:19 +02:00
6aa7c39714
Merge pull request #394 from StefanKelm/master
...
Update threat-actor.json
2019-05-02 16:50:25 +02:00
20007e7b7c
Merge pull request #393 from Delta-Sierra/master
...
add AESDDoS Botnet and JasperLoader
2019-05-02 16:48:55 +02:00
StefanKelm
7e329855b2
Update threat-actor.json
...
Silent Librarian / COBALT DICKENS
2019-05-02 15:34:19 +02:00
b77087d59e
chg: [malpedia] duplicates fixed
2019-05-02 14:48:17 +02:00
b706738d46
chg: [malpedia] jq all the things
2019-05-02 14:47:00 +02:00
1ddb38341b
Merge branch 'master' of https://github.com/nao-sec/misp-galaxy into nao-sec-master
2019-05-02 14:46:34 +02:00
Deborah Servili
dda2ede5f2
add JasperLoader
2019-05-02 13:02:00 +02:00
Deborah Servili
f51f13e84b
add AESDDoS Botnet
2019-05-02 10:15:26 +02:00
37da9bebdf
chg: [threat-actor] FIN4 updates
2019-05-01 17:41:03 +02:00
Rony
0afaf81438
Update threat-actor.json
2019-05-01 15:54:38 +05:30
Rony
c565f61761
Update threat-actor.json
2019-05-01 15:51:56 +05:30
Rony
3b185d8435
Update threat-actor.json
2019-05-01 15:40:10 +05:30
Rony
ed351b4eae
updated FIN4
2019-05-01 15:24:59 +05:30
94466d8196
chg: [ATT&CK] updated to the latest version
2019-04-30 19:07:57 +02:00
Rintaro KOIKE
57735a5b5c
chg: [malpedia] updated to the latest version
...
Ref: https://malpedia.caad.fkie.fraunhofer.de/api/get/misp
2019-04-30 20:41:12 +09:00
f9a030ce54
chg: [exploit-kit] jq all the things
2019-04-28 19:12:06 +02:00
82a85d1651
Merge branch 'master' of https://github.com/Kafeine/misp-galaxy into Kafeine-master
2019-04-28 19:11:20 +02:00
Kafeine
915b673b7a
+= Spelevo
2019-04-28 12:24:48 +02:00
2405f1c59e
chg: [tool] Cowboy and KimJongRAT (Sorry Paul, we forgot ;-)
...
ref: https://unit42.paloaltonetworks.com/babyshark-malware-part-two-attacks-continue-using-kimjongrat-and-pcrat/
2019-04-27 09:33:55 +02:00
094f0e0684
chg: [tool] jq all the things
2019-04-24 12:58:49 +02:00
088e7477a6
chg: [tool] Karkoff tool added
2019-04-24 11:40:06 +02:00
Rony
292df2360a
more report on APT36
2019-04-22 11:05:21 +05:30
Deborah Servili
8ac7aec85c
add Sea Turtle campaign
2019-04-19 13:21:11 +02:00
Deborah Servili
39a416e9e7
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2019-04-19 11:54:26 +02:00
Christophe Vandeplas
ecc63cf166
chg; [threat-actor] validate + version bump
2019-04-17 21:01:55 +02:00
Christophe Vandeplas
d5fd896bb0
Merge pull request #385 from bartblaze/master
...
Add Whitefly
2019-04-17 20:53:15 +02:00
Deborah Servili
3abfe9fa48
merge
2019-04-17 16:06:50 +02:00
Bart
e1cab68683
Add Whitefly
2019-04-17 12:27:18 +01:00
Deborah Servili
83b900ecc2
Merge pull request #384 from r0ny123/patch-3
...
fixed the broken link
2019-04-17 08:27:09 +02:00
Deborah Servili
d72ea0d83a
Merge pull request #383 from rmkml/master
...
Add BigBobRoss Ransomware
2019-04-17 08:26:42 +02:00
Rony
d98aefa186
fixed the broken link
2019-04-17 09:17:23 +05:30
rmkml
d16cc2e184
Add Cr1ptt0r Ransomware
2019-04-14 20:49:36 +02:00
rmkml
271143519d
Add SpelevoEK
2019-04-13 23:04:25 +02:00
rmkml
55f6d28388
Add Planetary Ransomware
2019-04-13 22:41:37 +02:00
rmkml
356c485459
Add BigBobRoss Ransomware
2019-04-13 22:06:53 +02:00
9f20c7aac1
Merge pull request #382 from rmkml/master
...
Add Caesar RAT
2019-04-13 22:02:40 +02:00
rmkml
747dd3f90d
Add Caesar RAT
2019-04-13 21:47:24 +02:00
30baec12e9
Merge pull request #381 from rmkml/master
...
Add Tellyouthepass Ransomware
2019-04-13 20:01:30 +02:00
rmkml
9aa6244ed9
Add Ave Maria Stealer
2019-04-13 17:01:31 +02:00
rmkml
86323ca948
Add Tellyouthepass Ransomware
2019-04-13 16:38:46 +02:00
bc0949c357
Merge pull request #380 from bartblaze/master
...
Add DoNot team references
2019-04-13 09:29:35 +02:00
903612178f
Merge pull request #379 from rmkml/master
...
Add BlackWorm Ransomware
2019-04-13 09:29:02 +02:00
rmkml
f94e138b27
Add Vidar Stealer
2019-04-12 23:31:30 +02:00
rmkml
54cd80ee2d
Add Brushaloader Malware
2019-04-12 22:42:57 +02:00
Bart
3256cca9e0
Add DoNot team references
2019-04-12 21:12:16 +01:00
rmkml
25597c24f7
Add BlackWorm Ransomware
2019-04-12 21:29:13 +02:00
d7b4908aa3
Merge branch 'patch-8' of https://github.com/danielplohmann/misp-galaxy into danielplohmann-patch-8
2019-04-12 05:58:47 +02:00
Daniel Plohmann
159225b6cf
Based on additional research, APT36 can actually be merged into Mythic Leopard
2019-04-11 22:29:49 +02:00
Rony
7987c8f023
Update threat-actor.json
2019-04-12 01:56:12 +05:30
Rony
2fc914b2f9
Update threat-actor.json
2019-04-12 01:06:50 +05:30
Rony
60e4a486a7
adding additional resources for APT36
2019-04-11 23:55:51 +05:30
rmkml
eb90e99daf
Add Globe Imposter Ransomware
2019-04-10 22:37:54 +02:00
rmkml
6467fe5849
Add Parasite HTTP RAT
2019-04-09 22:27:28 +02:00
Daniel Plohmann
df5301eab5
adding FireEye's TMP.Lapis / APT36
2019-04-09 08:38:44 +02:00
Deborah Servili
c69a18c723
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2019-04-02 08:21:41 +02:00
a0234020bc
chg: [ransomware] various fixes
2019-04-01 19:49:00 +02:00
d23e533cdb
chg: [ransomware] jq all the things(tm)
2019-04-01 19:44:05 +02:00
36895a2163
chg: [ransomware] fix the meta to payment-method
2019-04-01 19:40:30 +02:00
0fa6cf25ba
Merge branch 'master' of https://github.com/ismasma/misp-galaxy into ismasma-master
2019-04-01 19:38:23 +02:00
Deborah Servili
272ea3ba4a
add ref for Ryuk and LockerGoga ransomwares
2019-03-28 15:58:00 +01:00
ac6276a906
Merge pull request #371 from Delta-Sierra/master
...
Add Operation ShadowHammer
2019-03-26 22:25:22 +01:00
Deborah Servili
6027d546f2
Add Operation ShadowHammer
2019-03-26 10:40:29 +01:00
Deborah Servili
575dd64582
add relationship between Cardinal RAT and EVILNUM
2019-03-26 08:41:11 +01:00
52f088efc9
Merge branch 'master' of https://github.com/Delta-Sierra/misp-galaxy into Delta-Sierra-master
2019-03-21 20:51:59 +01:00
Daniel Plohmann
e0bb3d76a6
added APT-C-27 / GoldMouse
2019-03-21 18:06:03 +01:00
Deborah Servili
d0383b460f
jq
2019-03-21 09:15:16 +01:00
Deborah Servili
0fd04fa619
Merge branch 'master' into master
2019-03-21 08:42:30 +01:00
Deborah Servili
3c207f69be
add Cardinal RAT ref
2019-03-20 16:11:50 +01:00
Deborah Servili
f86c748b8c
add AOT-C-27 Goldmouse
2019-03-20 15:45:20 +01:00
Raphaël Vinot
6be42e6a1a
fix: Make validate all happy
2019-03-20 12:58:18 +01:00
04accabaab
chg: [mitre att&ck] updated with new version
2019-03-20 12:37:38 +01:00
Deborah Servili
b2e1d5551f
add SPOILER vulnerability + other minor changes
2019-03-20 11:47:58 +01:00
b2538a1f8a
chg: [threat-actor] change attribution confidence to be a string by default
2019-03-19 16:51:41 +01:00
095b0a4d81
chg: [attck4fraud] updated
2019-03-19 16:33:27 +01:00
3cf53b670e
chg: [attck4fraud] completed
2019-03-19 16:02:08 +01:00
2b619dd9b7
chg: [attck4fraud] Assets Transfer added
2019-03-19 15:52:33 +01:00
75b4a3a951
chg: [attck4fraud] Obtain Fraudulent Assets added
2019-03-19 15:44:16 +01:00
bf6a605f6d
chg: [attck4fraud] Perform fraud added
2019-03-19 15:33:46 +01:00
e398cc3ef2
chg: [attck4fraud] Target compromise updated
2019-03-19 15:17:25 +01:00
e26918d749
chg: [attck4fraud] more techniques
2019-03-19 15:08:44 +01:00
4f454493b7
chg: [threat-actor] BRONZE UNION is also uppercase
2019-03-19 14:47:03 +01:00
9a6b597387
chg: [threat-actor] updated the version to avoid the past issue with 0 value for integer values
2019-03-19 14:44:49 +01:00
c2f10410f5
chg: [sector] typo fixed - reported in #364
2019-03-19 12:36:19 +01:00
e56cb33097
chg: [attck4fraud] fix the type issue
2019-03-19 10:03:33 +01:00
a80283672c
chg: [attck4fraud] uuid fixed
2019-03-19 08:39:08 +01:00
2419a33807
chg: [attck4fraud] ATM Shimming added
2019-03-19 08:33:08 +01:00
779bc4a6a0
chg: [attck4fraud] description fixed for FT1003
2019-03-19 08:11:33 +01:00
3c067c42a8
Merge branch 'master' of github.com:MISP/misp-galaxy
2019-03-19 08:10:36 +01:00
824465d879
add: [attck4fraud] initial attck-like matrix for fraud from https://github.com/burritoblue/attck4fraud (WiP)
2019-03-19 08:09:23 +01:00
78b886b2f0
Merge pull request #363 from Delta-Sierra/master
...
add H-worm RAT
2019-03-19 07:31:04 +01:00
Deborah Servili
3294091600
add H-worm RAT
2019-03-18 16:24:55 +01:00
Bart
dff2a827d6
Update preventive-measure.json
...
Add ACL
2019-03-17 21:47:54 +00:00
Deborah Servili
5ce8aae89e
add Operation Comando - hit version 100
2019-03-15 15:04:29 +01:00
ismasma
379ed61c34
Add payment method and price
2019-03-14 17:12:42 +01:00
5db30ba974
chg: [threat-actor] SandCat added
2019-03-14 06:18:10 +01:00
Thomas Dupuy
60d79b0153
add synonym, no need for uppercase in the name :)
2019-03-13 23:07:10 +01:00
Deborah Servili
ecf76178e7
add attribution-confidence attribute to threat-actor
2019-03-11 11:18:12 +01:00
Deborah Servili
7576d0db02
relations between SLUB Backdoor
2019-03-11 09:01:12 +01:00
Deborah Servili
a65688ec02
Merge branch 'master' of https://github.com/Delta-Sierra/misp-galaxy
2019-03-11 08:51:47 +01:00
Deborah Servili
33dbda1e1e
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2019-03-11 08:51:16 +01:00
Deborah Servili
59ee8a9f13
Merge branch 'master' into master
2019-03-11 08:40:38 +01:00
Deborah Servili
ddab5f7006
Merge branch 'master' into master
2019-03-11 08:40:11 +01:00
139e6c32ed
chg: [threat-actor] new attribution-confidence level introduced
2019-03-11 08:37:49 +01:00
eb665e2883
chg: [threat-actor] jq all the things
2019-03-10 11:15:13 +01:00
bebcc0eb5a
Merge branch 'master' of github.com:MISP/misp-galaxy
2019-03-10 10:48:31 +01:00
6fb1303570
chg: [threat-actor] IRIDIUM added
...
Ref: https://resecurity.com/blog/parliament_races/
2019-03-10 10:47:34 +01:00
Raphaël Vinot
4f3e6335b5
fix: Wrong (duplicate) value.
2019-03-09 06:29:26 +01:00
Deborah Servili
2815e48610
add StealthWorker malware
2019-03-08 15:57:30 +01:00
Deborah Servili
ee034babba
add SLUB backdoor
2019-03-08 14:39:34 +01:00
769e0002ef
chg: [tools] jq all the things
2019-03-08 08:10:42 +01:00
Daniel Plohmann
1d8ada33a0
Update threat-actor.json
...
another actor described by 360TIC.
2019-03-07 17:50:46 +01:00
63419046d4
Merge branch 'master' of github.com:MISP/misp-galaxy
2019-03-07 15:51:44 +01:00
31ba566c18
chg: [tool] SLUB Backdoor added
2019-03-07 15:51:16 +01:00
Deborah Servili
7afd311abc
add Jokeroo RaaS
2019-03-07 15:23:30 +01:00
Daniel Plohmann
cfb807861a
FireEye upgraded TEMP.Periscope to APT40
2019-03-07 14:34:14 +01:00
Deborah Servili
eb0a33eab6
add operation Kabar Cobra
2019-03-06 15:52:49 +01:00
Deborah Servili
ae49090845
add ref for garrantydecrypt
2019-03-04 16:34:52 +01:00
Deborah Servili
6ffb8dd437
add relation between Lazarus Group and Operation SharpShooter
2019-03-04 12:03:05 +01:00
Deborah Servili
19c4fe4d11
add Rising Sun Backdoor
2019-03-04 10:11:26 +01:00
Deborah Servili
bd3fce00e1
add Razdel
2019-02-25 16:35:06 +01:00
f7367ef887
chg: [tool] Xbash description updated
2019-02-23 09:25:14 +01:00
f2159bfaa3
chg: [threat-actor] format fixed
2019-02-22 22:50:42 +01:00
f621b40263
chg: [threat-actor] jq all the things late in the night
2019-02-22 22:47:25 +01:00
d5df0d1064
chg: [threat-actor] uuid fixed
2019-02-22 22:45:28 +01:00
f2c80cbcdd
chg: [tool] BabyShark added
2019-02-22 22:44:44 +01:00
38283f0f86
chg: [threat-actor] STOLEN PENCIL added
2019-02-22 22:41:06 +01:00
243a6280e0
Merge pull request #350 from bartblaze/master
...
Add more info on Lotus Blossom
2019-02-21 23:39:33 +01:00
Bart
06553bbec2
Add more info on Lotus Blossom
...
Add 2 more references, fix typo - Trend calls it "Esile", not "Eslie" as mistakenly stated by CFR. The backdoor itself is commonly referred to as Elise.
2019-02-21 22:31:14 +00:00
08e8aafcf7
chg: [cert-eu-govsector] version fixed
2019-02-21 07:19:04 +01:00
ed132cb1b8
chg: [threat-actor] version fixed
2019-02-21 07:18:16 +01:00
Daniel Plohmann
0cd79994cc
Two more actor names from GTR2019
...
I found two more actor names while going again over the crowdstrike's report and updating the cross-references to malpedia.
2019-02-19 22:38:11 +01:00
Daniel Plohmann
85ec27b4c4
Added missing actors from CrowdStrike GTR2019
2019-02-19 18:26:01 +01:00
Itay Cohen
7d9dc1ec9d
Fix 404'd reference of BuhTrap
2019-02-17 11:33:11 +02:00
9ad8a76a38
chg: [ransomware] no related object in meta
2019-02-15 10:30:20 +01:00
34042abe23
new: Added draft of the election guildelines galaxy
2019-02-15 08:44:33 +01:00
Deborah Servili
5bf18ffd23
Merge branch 'master' into master
2019-02-14 16:29:04 +01:00
Deborah Servili
9c450a80d4
add Gallmaker and other clusters
2019-02-14 16:04:54 +01:00
Deborah Servili
2794a20589
add OSX/Shlayer and some refs
2019-02-14 12:42:28 +01:00
ad0ef66b0a
chg: [tool] jq jq jq jq jq jq jq jq
2019-02-12 21:41:33 +01:00
Thomas Dupuy
95a70d09a5
add ANEL/UPPERCUT in tool cluster
2019-02-12 12:19:23 -05:00
Deborah Servili
8aeed60a24
Add Siesta campaign
2019-02-11 16:30:46 +01:00
João Neto
662cc5a012
Updated "Iran" name
...
This extra space leads to an unnecessary key error when parsing the json file
2019-02-08 16:50:22 +01:00
Nils Kuhnert
fc16f4f69c
Added Velvet Chollima as synonym to Kimsuki
2019-02-08 08:50:05 +01:00
Christophe Vandeplas
e5f74c8fdc
Merge pull request #336 from 3c7/synonym/static-kitten
...
Added static kitten as synonym for MuddyWater
2019-02-07 08:54:49 +01:00
2bbb8a6a43
Merge pull request #334 from 3c7/synonym/cobalt-spider
...
Added Cobalt Spider as Synonym for Cobalt
2019-02-07 08:53:19 +01:00
Nils Kuhnert
9778bea81e
Added Cobalt Spider reference
2019-02-07 08:41:00 +01:00
Nils Kuhnert
523a52c4db
Added static kitten as synonym for MuddyWater
2019-02-07 08:38:52 +01:00
Nils Kuhnert
0049acd81c
Added Turbine Panda as synonym for APT 26
2019-02-07 08:28:48 +01:00
Nils Kuhnert
5a077cf838
Added Cobalt Spider as Synonym for Cobalt
2019-02-07 08:26:10 +01:00
Nils Kuhnert
a171d5aa9d
Added Ocean Buffalo synonym for Ocean Lotus
2019-02-03 21:36:21 +01:00
b9f1317941
Merge pull request #332 from Delta-Sierra/master
...
Add APT39 & LockerGoga
2019-02-01 18:36:12 +01:00
Nils Kuhnert
0b04046d91
Added Quilted Tiger as Synonym for Patchwork/Dropping Elephant.
2019-02-01 13:17:43 +01:00
Deborah Servili
233b7f3aff
add APT39
2019-01-31 18:48:19 +01:00
Deborah Servili
b4751d396a
add LockerGoga ransomware
2019-01-30 12:07:19 +01:00
Nils Kuhnert
d45a32e9e2
Added Shadow Crane as synonym for Dark Hotel.
2019-01-30 08:22:46 +01:00
Nils Kuhnert
42ecbd801c
Added "Stardust Chollima" as synonym for Lazarus.
2019-01-29 08:36:12 +01:00
898bdaf7f8
Merge pull request #328 from Delta-Sierra/master
...
add Silence Group
2019-01-25 16:43:08 +01:00
Deborah Servili
c11a31b12a
add Silence Group
2019-01-25 16:19:51 +01:00
Thomas Dupuy
d38fb407ec
add alternative name for DarkHydrus
2019-01-21 23:14:34 -05:00
Deborah Servili
45ed56cd61
add LoJax ref
2019-01-17 10:49:23 +01:00
Deborah Servili
3bdbd6646b
add Cold River Threat actor
2019-01-17 09:44:09 +01:00
Deborah Servili
5d61a75886
fix versions
2019-01-14 16:34:28 +01:00
Deborah Servili
61093f6f07
add several ransomware and threat actors
2019-01-14 16:28:15 +01:00
Deborah Servili
90d2bf7bc1
add drakhydrus ref
2019-01-11 10:17:07 +01:00
Deborah Servili
cddfd5fcd1
TA505 threat actorand affiliates malwares
2019-01-11 09:53:08 +01:00
Deborah Servili
4547b09f49
add hidenad synonym
2019-01-10 11:53:30 +01:00
Deborah Servili
a10a417b0a
add Cryptomix variants refs
2019-01-10 10:03:22 +01:00
Deborah Servili
d3ae9e1e14
update version
2019-01-09 15:54:09 +01:00
Deborah Servili
90e3602db6
add AndroidOS_HidenAd
2019-01-09 15:33:34 +01:00
Deborah Servili
cc0bd96527
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2019-01-09 14:54:33 +01:00
Christophe Vandeplas
0ba220987d
chg: [mitre] bump to latest MITRE ATT&CK dataset
2018-12-29 18:40:21 +01:00
Christophe Vandeplas
50c817a1fd
MITRE galaxy regeneration + updated migration script
2018-12-29 18:14:47 +01:00
Nils Kuhnert
1e4ebdd560
Added OilRig synonym "Helix Kitten".
2018-12-27 09:10:21 +01:00
Kafeine
5766cd68f8
zTDS
2018-12-22 11:51:40 +01:00
Kafeine
ce94cb8458
novidade,taurus
2018-12-22 10:19:52 +01:00
Deborah Servili
91b8da1e9e
add ransomwares
2018-12-20 00:37:49 +01:00
de66295539
Merge pull request #316 from danielplohmann/master
...
New name SNAKEMACKEREL for APT28 by Accenture
2018-12-19 14:06:38 +01:00
Gerard Wagener
7b347017e2
Removed Puplishing industry
2018-12-19 11:45:31 +01:00
Daniel Plohmann
cc22da1200
Microsoft alias for apt29 is YTTRIUM
2018-12-19 11:28:44 +01:00
Daniel Plohmann
c9e15b0c08
new name SNAKEMACKEREL for APT28 by Accenture
2018-12-19 10:46:58 +01:00
27f6b19570
Merge pull request #315 from Delta-Sierra/master
...
add OSX malwares
2018-12-18 17:43:34 +01:00
Deborah Servili
e6fa06f178
add OSX malwares
2018-12-18 16:26:49 +01:00
a04790ac41
chg: [malpedia] updated to the latest version
...
Ref: https://malpedia.caad.fkie.fraunhofer.de/api/get/misp
2018-12-14 19:00:18 +01:00
Deborah Servili
cb4345adf9
add operation sharpshooter
2018-12-13 13:47:54 +01:00
Deborah Servili
a9265d9858
update toll version
2018-12-13 09:44:09 +01:00
Deborah Servili
9f29f297d2
add shamoon synonym
2018-12-13 09:43:20 +01:00
Deborah Servili
3a2ac48faa
fix tool version
2018-12-12 15:39:34 +01:00
Deborah Servili
3ef58f7b21
fix exploit-kit version
2018-12-12 15:38:39 +01:00
Deborah Servili
70d68a312c
add some clusters or info
2018-12-12 15:26:54 +01:00
Deborah Servili
169d69871a
add Goden Chickens and affiliates
2018-12-12 13:52:55 +01:00
Deborah Servili
3183a4d1ff
add ransomwares
2018-12-12 09:27:27 +01:00
Christophe Vandeplas
1a65dfb9f4
chg: [mitre] re-generated galaxies and values using the MITRE sources
...
and also using the MISP version to keep manually created relationships and such
2018-12-09 09:16:03 +01:00
Christophe Vandeplas
39ff6b4bbc
MITRE sorted
...
While dicts were sorted, lists were not yet sorted. This current sort algo is not yet the best, but is a good start. A good sort is needed for better comparison afterwards with automated tools. In a next stage tt will also be needed in the validate_all scripts.
2018-12-09 08:32:48 +01:00
Deborah Servili
bf77e1125a
add Operation Poison Needles
2018-12-07 16:32:09 +01:00
Deborah Servili
79828d7411
add clusters
2018-12-07 13:25:56 +01:00
Deborah Servili
5a725e71ef
add several clusters
2018-12-06 16:13:51 +01:00
ac2b5dbe05
fix: [ransomware] more duplicates removed
2018-12-02 12:00:17 +01:00
2e8f139daa
fix: [ransomware] removed duplicate values
2018-12-02 11:54:34 +01:00
Deborah Servili
be9b4ff40f
add DNSpionage cluster
2018-11-29 16:38:06 +01:00
Deborah Servili
ef54489ea9
add everbe rasomnotes
2018-11-29 15:33:39 +01:00
Deborah Servili
6382857ee3
add ransomwares
2018-11-29 15:23:57 +01:00
Deborah Servili
c81f128d98
add ransomwares
2018-11-27 15:59:26 +01:00
Deborah Servili
6f255c0999
add Aurora Ransomware metadata
2018-11-26 09:30:54 +01:00
Deborah Servili
e5487305f1
add Aurora Ransomware synonym
2018-11-26 08:33:11 +01:00
Deborah Servili
9f5e10abf6
fix version
2018-11-23 16:16:58 +01:00
Deborah Servili
b6b1c7171a
Add Rotexy
2018-11-23 16:15:48 +01:00
Deborah Servili
dac1c08491
update version
2018-11-23 12:42:41 +01:00
Deborah Servili
b50c8bd805
add PNG Dropper
2018-11-23 10:38:36 +01:00
Deborah Servili
1be4a1cedb
add reference for Emotet/Geodo
2018-11-22 09:00:43 +01:00
Deborah Servili
2bf5d46cc4
Merge branch 'master' of https://github.com/Delta-Sierra/misp-galaxy
2018-11-22 08:59:53 +01:00
Deborah Servili
2f5031b845
add several references for Emotet and others
2018-11-22 08:37:45 +01:00
Deborah Servili
de38e7249c
Merge branch 'master' into master
2018-11-19 15:23:45 +01:00
Deborah Servili
ce61b2d2dd
update oilrig related clusters + others
2018-11-19 14:56:13 +01:00
eec7693081
chg: uuid fixed
2018-11-18 06:31:04 +01:00
d324a1c39b
Merge branch 'master' of https://github.com/Delta-Sierra/misp-galaxy into Delta-Sierra-master
2018-11-18 06:29:50 +01:00
Deborah Servili
eb6f6a3f49
fix rat galaxy version
2018-11-16 16:40:23 +01:00
Deborah Servili
77b556d702
jq and add ref in tool galaxy -hit version 100-
2018-11-16 13:11:55 +01:00
Deborah Servili
faa16879da
add TheOneSpy
2018-11-16 13:10:21 +01:00
c9fd60d14b
chg: [threat-actor] INDRIK SPIDER added
2018-11-14 20:46:06 +01:00
Deborah Servili
ca33f1c2ce
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2018-11-13 15:25:34 +01:00
Deborah Servili
f55277b682
add several rqansomware and HookAds campaign
2018-11-13 12:20:37 +01:00
a505995b79
fix: [ransomware] duplicate removed
2018-11-13 07:12:36 +01:00
51d3af11fc
chg: [ransomware] duplicate removed
2018-11-13 07:08:49 +01:00
a4c916c916
Merge branch 'master' of github.com:MISP/misp-galaxy
2018-11-13 07:01:56 +01:00
Benoit Sevens
8f8c69134e
Update threat-actor.json
...
Add LuckyMouse link
2018-11-12 13:12:14 +01:00
Deborah Servili
46dba06e40
add/update ransomawares
2018-11-09 16:34:00 +01:00
Deborah Servili
14444e4321
add several tools and refs
2018-11-08 10:39:32 +01:00
Daniel Plohmann
1f6b606f75
added APT38 as (FireEye) alias for Lazarus
...
cross-references in https://content.fireeye.com/apt/rpt-apt38 suggest the link to Lazarus.
2018-11-07 17:19:50 +01:00
Deborah Servili
954264c084
Merge pull request #296 from Delta-Sierra/master
...
update ransomware galaxy
2018-11-07 09:19:23 +01:00
Deborah Servili
d41a279c73
update ransomware galaxy
2018-11-05 16:23:10 +01:00
8ae3214cd1
Merge pull request #295 from Delta-Sierra/master
...
update Red Alert 2 Android Banking Trojan
2018-11-05 12:37:29 +01:00
Deborah Servili
050a94a2c0
jq fix
2018-11-05 11:01:57 +01:00
Deborah Servili
ae24b71f45
update version
2018-11-05 10:45:54 +01:00
Deborah Servili
5fd4cfa4ee
update Red Alert 2 Android Banking Trojan
2018-11-05 09:50:10 +01:00
Deborah Servili
7813a29460
Merge pull request #294 from Delta-Sierra/master
...
add ransomwares
2018-10-31 16:05:18 +01:00
Deborah Servili
ad07b70a03
add ransomwares
2018-10-31 14:52:40 +01:00
2465235817
Merge pull request #293 from Delta-Sierra/master
...
add Operation EvilTraffic
2018-10-30 21:02:59 +01:00
Deborah Servili
e6b1eec329
add Chalubo botnet (+ jqallthethings)
2018-10-30 14:39:13 +01:00
Deborah Servili
41942d0daf
add Operation EvilTraffic
2018-10-30 13:28:46 +01:00
Deborah Servili
74ff4b957a
add Operation EvilTraffic
2018-10-30 13:28:27 +01:00
Nils Kuhnert
bc0bf1ca9f
Corrected DarkHotel threat actor entry
2018-10-29 09:03:30 +01:00
Deborah Servili
6e8abc0712
fix duplicate ref
2018-10-23 15:37:51 +02:00
Deborah Servili
af6020077e
add August Stealer
2018-10-23 15:25:37 +02:00
Deborah Servili
4a54044de6
add NukeSped reference
2018-10-22 14:50:57 +02:00
Deborah Servili
32d90a27e1
add GhostMiner
2018-10-22 14:46:44 +02:00
Deborah Servili
bd68ee280e
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2018-10-22 11:09:37 +02:00
Deborah Servili
504570a298
add tools from https://github.com/misterch0c/shadowbroker
2018-10-22 11:06:25 +02:00
Deborah Servili
4564c5eb37
add DarkPulsar and affiliates + update some refs
2018-10-22 10:14:30 +02:00
Christophe Vandeplas
4232f0b737
chg: further categorization of galaxies
2018-10-19 14:15:20 +02:00
Christophe Vandeplas
9dddc4427c
jq
2018-10-19 10:23:09 +02:00
Christophe Vandeplas
6a9a9b7e1b
Merge remote-tracking branch 'MISP/master'
2018-10-19 10:18:45 +02:00
Christophe Vandeplas
ddccac58c8
chg: categorization of galaxies
...
This allows relationships to be created.
2018-10-19 10:18:14 +02:00
0ecf34f06e
fix: [malpedia] version
2018-10-18 11:23:48 +02:00
83c6e6bef1
fix: [malpedia] broken reference has been fixed
2018-10-18 11:17:19 +02:00
3771c21218
Merge pull request #287 from cvandeplas/master
...
fixes an important bug in the gen_relations
2018-10-18 11:15:17 +02:00
66ded6d935
Some minor fixes
2018-10-17 20:59:08 +02:00
Christophe Vandeplas
ccebd86eed
fix: add missing relations from commit 78c1f07359
2018-10-17 19:18:16 +02:00
Christophe Vandeplas
2b24efb14a
fix: add missing relations from commit b857be9cab
2018-10-17 19:15:57 +02:00
Christophe Vandeplas
76b1429f10
fix: add missing relations from commit a81bbe288f
2018-10-17 19:13:35 +02:00
Christophe Vandeplas
84af053761
fix: add missing relations from commit 29beb01dc3
2018-10-17 19:07:01 +02:00
Christophe Vandeplas
873bc873b4
Merge remote-tracking branch 'MISP/master'
2018-10-17 18:28:44 +02:00
Christophe Vandeplas
1e90cac717
fix: intrusion is an actor and not a tool
2018-10-17 18:17:33 +02:00
9129724343
Merge pull request #286 from Delta-Sierra/master
...
Several clusters, refs, others.
2018-10-17 17:32:45 +02:00
Deborah Servili
c8cbb609a2
add GreyEnergy
2018-10-17 16:05:51 +02:00
Christophe Vandeplas
ca6c1caa8f
fix: jq all the things
2018-10-17 08:26:45 +02:00
Christophe Vandeplas
2bb4df134b
chg: removal of older unused relationships
2018-10-17 08:20:12 +02:00
Christophe Vandeplas
c51ba2e868
chg: MITRE relationships included in the respective cluster.
2018-10-17 08:08:58 +02:00
Deborah Servili
2ea560f9a7
add refs & synonyms
2018-10-15 12:02:21 +02:00
Deborah Servili
c134035a6d
add several refs
2018-10-15 11:33:37 +02:00
Deborah Servili
8d0c87c830
add several refs
2018-10-15 11:28:01 +02:00
Deborah Servili
11a27df82d
add roaming mantis group
2018-10-12 15:50:52 +02:00
Deborah Servili
b3109f6aea
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2018-10-12 13:55:01 +02:00
Christophe Vandeplas
f26a4f2806
fix: minor newline difference after jq_all_the
2018-10-12 12:31:29 +02:00
Christophe Vandeplas
f14d616e22
chg: magical mapping with malpedia
2018-10-12 11:00:00 +02:00
Christophe Vandeplas
65eb66a739
fix: automatically fix missing uuids
2018-10-12 10:55:24 +02:00
Christophe Vandeplas
2fbd8ce485
jq sort keys
...
Allows automation to edit the files
2018-10-12 10:35:31 +02:00
4ff2a45cbb
chg: [malpedia] duplicate urls removed
2018-10-10 22:18:32 +02:00
2d2749ccea
jq all the things
2018-10-10 22:12:59 +02:00
Steffen Enders
125f676d17
Updated malpedia.json to the current state
...
Fetched the new malpedia galaxy cluster from https://malpedia.caad.fkie.fraunhofer.de/api/get/misp - this includes an additional ~120 new families.
2018-10-10 17:31:27 +02:00
Deborah Servili
4c367737ac
add magecart ref
2018-10-10 14:52:16 +02:00
Deborah Servili
ec6b04cf6a
add SAVEfiles ransomware
2018-10-10 14:05:24 +02:00
Deborah Servili
ed5aa150a7
update version
2018-10-09 11:35:17 +02:00
Deborah Servili
510a37084c
update matrix ransomware
2018-10-08 16:26:58 +02:00
Deborah Servili
5fb9db8282
add Triout Android Malware
2018-10-05 16:21:01 +02:00
Deborah Servili
655b1619e4
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2018-10-05 16:06:25 +02:00
Deborah Servili
58a86e4e26
fix failed copy-paste
2018-10-05 15:53:03 +02:00
8149960aa3
Merge pull request #276 from Delta-Sierra/master
...
add CoalaBot + Kraken Cryptor Ransmware + refs
2018-10-05 15:52:04 +02:00
Davide Arcuri
253fbed356
Added Malpedia Galaxy
...
based on malpedia git repo
Co-Authored-By: garanews <garanews@users.noreply.github.com>
2018-10-05 14:30:31 +02:00
Deborah Servili
80bf2f5556
jq
2018-10-05 12:04:13 +02:00
Deborah Servili
06c4869125
add CoalaBot + Kraken Cryptor Ransmware + refs
2018-10-05 11:09:54 +02:00
Deborah Servili
9225666b92
add CoalaBot + Kraken Cryptor Ransmware + refs
2018-10-05 11:09:45 +02:00
ecba2dbdbf
Merge pull request #274 from Delta-Sierra/master
...
Refs updates
2018-10-04 17:24:57 +02:00
Deborah Servili
7cf37a57f1
add Persirai botnet
2018-10-04 14:17:16 +02:00
Deborah Servili
50fecccf39
update Torii botnet
2018-10-04 13:44:32 +02:00
Deborah Servili
138a4e6f9e
add ref for Torii botnet
2018-10-04 13:41:27 +02:00
Deborah Servili
b45b4ce0b1
add refs
2018-10-04 12:01:26 +02:00
276992f180
Merge pull request #273 from Delta-Sierra/master
...
update synonyms & attributions
2018-10-04 11:17:19 +02:00
Deborah Servili
2893d715d6
Add ZEBROCY tool
2018-10-04 10:52:40 +02:00
Deborah Servili
5bcf34a953
update regarding https://twitter.com/adulau/status/1047764090410737664
2018-10-04 10:28:22 +02:00
Deborah Servili
c78416eee1
update synonyms & attributions
2018-10-04 10:09:34 +02:00
Deborah Servili
123099cd6d
Merge pull request #272 from Delta-Sierra/master
...
New clusters based on CIG Circular 66 – FASTCash ATM Cash Out Campaign
2018-10-03 16:38:33 +02:00
Deborah Servili
4d68b1c205
add NukeSped
2018-10-03 16:28:50 +02:00
Deborah Servili
3dfe8a5a34
add FASTCash
2018-10-03 15:09:14 +02:00
63b777fc9e
Merge pull request #271 from Delta-Sierra/master
...
Several updates
2018-10-01 21:51:11 +02:00
Deborah Servili
403f162451
add ref for magecart
2018-10-01 11:54:07 +02:00
Deborah Servili
35582f7ed5
new threat actors & tools
2018-10-01 11:52:40 +02:00
2402c7d98f
chg: [tool] NOKKI added
...
ref: https://researchcenter.paloaltonetworks.com/2018/09/unit42-new-konni-malware-attacking-eurasia-southeast-asia/
2018-09-29 09:01:47 +02:00
Deborah Servili
3649e03ad5
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2018-09-28 16:28:16 +02:00
Deborah Servili
f828c8f79e
add synonym
2018-09-28 16:18:54 +02:00
Deborah Servili
a27534cfa1
add refs
2018-09-28 15:40:00 +02:00
49fe210812
Merge pull request #270 from Delta-Sierra/master
...
new clusters, relations and information
2018-09-28 12:57:13 +02:00
Deborah Servili
97581d7185
jq
2018-09-28 11:20:38 +02:00
Deborah Servili
fbf21487cf
new clusters and informtion
2018-09-28 11:08:21 +02:00
46eddf1874
chg: [botnet] Torii added
2018-09-27 15:43:49 +02:00
Deborah Servili
78c1f07359
new ransomware and relations
2018-09-27 15:42:20 +02:00
Nex
014aa325b7
Added missing country values
2018-09-26 23:05:46 +02:00
Deborah Servili
29beb01dc3
add relationships on Mirai
2018-09-24 16:06:36 +02:00
Deborah Servili
f7e10cb38d
add references
2018-09-24 14:58:21 +02:00
Deborah Servili
77897be97e
add BusyGasper android spyware
2018-09-24 12:12:41 +02:00
Deborah Servili
2bc8e1e719
add Cobalt Dickensthreat actor
2018-09-24 11:51:09 +02:00
Deborah Servili
69c5fc30e5
add remcos ref
2018-09-24 11:07:17 +02:00
Deborah Servili
5a1734f170
update version
2018-09-21 11:16:36 +02:00
Deborah Servili
3c7e367cbf
fix field mistake
2018-09-21 11:14:19 +02:00
Deborah Servili
1cee9d71e0
update Lazarus group cluster
2018-09-20 15:38:32 +02:00
Deborah Servili
6d43d52731
new unnamedthreat actor
2018-09-20 13:24:11 +02:00
Deborah Servili
d0864a6531
new threat actors
2018-09-20 12:10:20 +02:00
Deborah Servili
0a724bee3d
merge
2018-09-19 16:01:46 +02:00
Deborah Servili
3f22dbd17d
add notpetya and update jadeRAT
2018-09-19 15:06:43 +02:00
Deborah Servili
058f778e61
add references
2018-09-19 09:04:04 +02:00
79146b9d10
fix: array in synonyms (MISP accepts it but not the schema ;-)
2018-09-19 07:35:35 +02:00
6105522453
chg: [threat-actor] Iron Group added
...
ref: https://www.intezer.com/iron-cybercrime-group-under-the-scope-2/
2018-09-19 07:08:16 +02:00
4ae0ccd192
chg: [tool] Xbash added
...
ref: https://researchcenter.paloaltonetworks.com/2018/09/unit42-xbash-combines-botnet-ransomware-coinmining-worm-targets-linux-windows/
2018-09-19 07:03:56 +02:00
8238bd5eb1
Merge pull request #263 from botherder/bahamut
...
Added Bahamut to threat actors list
2018-09-19 06:46:26 +02:00
Deborah Servili
fd960bfc1b
Add magentocore malware
2018-09-18 23:10:33 +02:00
Nex
f0383758fc
Added Bahamut to threat actors list
2018-09-18 11:27:32 +02:00
fe60e58f5b
Merge pull request #262 from botherder/mythic-leopard
...
Added additional name to C-Major
2018-09-18 11:25:58 +02:00
Nex
1e502a494e
Added additional name to C-Major
2018-09-18 11:18:42 +02:00
Nex
ee7f609397
Removed duplicates
2018-09-18 11:16:00 +02:00
88c9d8d9f6
Merge pull request #259 from botherder/country-sync
...
Synced country codes with suspected state sponsor
2018-09-17 18:18:00 +02:00
Nex
be0dd94c90
Synced country codes with suspected state sponsor
2018-09-17 16:26:14 +02:00
Nex
c2ea505459
Merged Transparent Tribe in C-Major
2018-09-17 16:11:18 +02:00
Deborah Servili
ff9409e164
add blacknurse logo
2018-09-13 12:42:01 +02:00
Deborah Servili
1dcf2e50a7
add blacknurse
2018-09-13 12:33:19 +02:00
Deborah Servili
17d3959445
add Crypt0saur ransomware
2018-09-13 11:34:57 +02:00
Deborah Servili
0843fdfb23
adding and updating clusters
2018-09-13 09:03:41 +02:00
Deborah Servili
039fc91bd6
add description for sigma ransomware
2018-09-12 14:27:09 +02:00
Deborah Servili
a73424139f
fix versions
2018-09-12 14:26:44 +02:00
Deborah Servili
f107563cad
add ref for operation Applejeus
2018-09-12 09:34:16 +02:00
Deborah Servili
cb5fa5e822
fix version
2018-09-10 14:21:14 +02:00
Deborah Servili
c92dc15937
add Operation AppleJeus
2018-09-10 14:13:09 +02:00
Deborah Servili
a81bbe288f
fix some relations
2018-09-10 12:27:40 +02:00
Deborah Servili
40d5cca20f
clusters
2018-09-07 16:03:40 +02:00
Deborah Servili
addda6c545
more clusters~
2018-09-05 16:39:33 +02:00
Deborah Servili
14024efbf1
add CamuBot Banker Trojan
2018-09-05 09:19:35 +02:00
Deborah Servili
5866b660c8
jq~
2018-09-05 08:29:08 +02:00
Deborah Servili
fb328b0ef4
add ransomwares
2018-09-05 08:20:24 +02:00
Deborah Servili
0a9e91766b
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2018-09-04 10:18:07 +02:00
Deborah Servili
912e91a5f5
add ransomware
2018-09-04 09:43:58 +02:00
0acc41131d
"jq all the thing (tm)"
2018-09-01 11:58:52 +02:00
e55f91b7ac
Merge branch 'master' of https://github.com/Kafeine/misp-galaxy into Kafeine-master
2018-09-01 11:56:10 +02:00
Kafeine
ac94f367b1
+ Fallout
2018-09-01 10:07:46 +02:00
Kafeine
21cf5ec957
Hunter EK > Active
2018-08-30 22:47:00 +02:00
Kafeine
85130f264d
Adding Underminer EK
2018-08-30 17:27:59 +02:00
Kafeine
afa3fb4cfd
Status from Terror, Bingo and Astrum
2018-08-30 17:08:37 +02:00
Kafeine
67e9ef2719
Adapting to modification from Misp repository
2018-08-30 17:04:08 +02:00
Deborah Servili
f14dd27315
add cfr data
2018-08-27 15:29:16 +02:00
Deborah Servili
d1940b6a69
Update microsoft-activity-group.json version
2018-08-27 08:38:22 +02:00
Deborah Servili
9efca2fd79
more clusters
...
Signed-off-by: Deborah Servili <deborah.servili@gmail.com>
2018-08-24 16:11:16 +02:00
Deborah Servili
c943d1c9d1
add APT28/STRONTIUM refs
2018-08-22 09:59:40 +02:00
Deborah Servili
afea4ca5e7
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2018-08-22 09:03:26 +02:00
f8c5640613
chg: [tool] biscuit biscvt tool BISKVIT
...
ref: https://www.fortinet.com/blog/threat-research/russian-army-exhibition-decoy-leads-to-new-biskvit-malware.html
2018-08-21 10:48:47 +02:00
cd76f19f52
chg: [threat-actor] APT-C-35 actor added
...
ref: https://ti.360.net/blog/articles/latest-activity-of-apt-c-35/
2018-08-15 20:25:57 +02:00
Deborah Servili
3940964956
update Dharma Ransomware
2018-08-14 15:56:09 +02:00
Deborah Servili
d5f35d94dc
version update
2018-08-14 12:21:50 +02:00
Deborah Servili
f3c02ad195
merge black ruby duplicate (delete the newer)
2018-08-14 12:20:29 +02:00
Deborah Servili
31142b41ac
merge
2018-08-14 12:09:21 +02:00
Deborah Servili
a28c50203e
fix
2018-08-14 12:07:12 +02:00
Deborah Servili
2081dc1627
resolve merge confilct -I hope-
2018-08-14 12:06:42 +02:00
Deborah Servili
4e911b2c17
Merge branch 'master' into master
2018-08-14 11:43:59 +02:00
Deborah Servili
7829e0fab6
fix typo and missing uuid
2018-08-14 11:41:06 +02:00
Deborah Servili
a646a835fe
add Rosenbridge backdoor
2018-08-14 10:09:26 +02:00
Christophe Vandeplas
88162aa44e
chg: [mapping] Generated automatic mapping between clusters
2018-08-14 09:35:22 +02:00
Christophe Vandeplas
5478f0aa45
no change: dump files with sort_keys=True
...
This is needed to keep better track of the changes when other tools load and save the json files.
2018-08-13 17:06:29 +02:00
Christophe Vandeplas
021107e597
fix: [threat-actor] added missing uuids
2018-08-13 17:00:40 +02:00
Deborah Servili
b100b0cedd
add KEYPASS ransomware
2018-08-13 15:50:09 +02:00
Deborah Servili
f1dcb05576
Merge pull request #246 from Delta-Sierra/master
...
add Skygofree android spyware
2018-08-13 12:28:30 +02:00
Deborah Servili
56fe9eb63c
add Skygofree android spyware
2018-08-13 12:20:16 +02:00
9059a85eed
chg: [tool] KEYMARBLE malware added
...
ref: https://www.us-cert.gov/ncas/analysis-reports/AR18-221A
2018-08-11 16:14:39 +02:00
Deborah Servili
27805ca768
add tools used by SamSam
2018-08-09 15:55:36 +02:00
Deborah Servili
597e7bacb9
add ransomwares
2018-08-09 13:53:04 +02:00
6620b5575a
fix: [threat-actor] related is an array of JSON objects
2018-08-09 07:53:42 +02:00
1429b60555
chg: [threat-actor] jq document
2018-08-08 16:38:39 +02:00
Deborah Servili
ebc7287e14
update schema
2018-08-08 16:12:29 +02:00
Deborah Servili
33a300b773
tags is an array
2018-08-08 15:59:44 +02:00
Deborah Servili
b857be9cab
relationship system - v2
2018-08-08 15:51:22 +02:00
Deborah Servili
050a864be0
update some clusters and try to add a relationship system
2018-08-08 14:20:38 +02:00
Deborah Servili
84adb50f0f
add RedAlpha campaigns
2018-08-07 13:55:05 +02:00
Deborah Servili
b7de06ffcc
delete forgotten conflict marker
2018-08-06 08:49:44 +02:00
Deborah Servili
010df0a2b6
resolve merge conflict
2018-08-06 08:48:21 +02:00
Deborah Servili
def23775e5
resolve merge conflict
2018-08-06 08:45:03 +02:00
Nils Kuhnert
ab49b58b02
Added DarkHydrus
2018-08-06 08:33:34 +02:00
Nils Kuhnert
4654f51889
Two small typos
2018-08-05 15:09:38 +02:00
Deborah Servili
e5b185deee
Merge branch 'master' into master
2018-08-03 16:11:16 +02:00
Deborah Servili
35aa8ba34e
delete duplicate gorgon group
2018-08-03 16:08:43 +02:00
Deborah Servili
a9a71ef84c
more clusters
2018-08-03 15:58:54 +02:00
b3701b6b34
chg: [threat-actor] The Gordon Group added
...
ref: https://researchcenter.paloaltonetworks.com/2018/08/unit42-gorgon-group-slithering-nation-state-cybercrime/
2018-08-03 10:26:52 +02:00
a0dfdd65ae
chg: [rat] Hallaj PRO Rat added
...
ref: https://securelist.com/attacks-on-industrial-enterprises-using-rms-and-teamviewer/87104/
misp-event: 5b63f5e4-bf24-4f46-8340-48fc02de0b81
2018-08-03 08:34:55 +02:00
3da005a3f3
fix: jq all the things(tm)
2018-08-02 15:15:47 +02:00
1fdf47d509
fix: [threat-actor] synonyms are always arraus
2018-08-02 15:13:18 +02:00
ece56dff38
chg: [threat-actor] leafminer - RASPITE added
2018-08-02 15:08:39 +02:00
c232b3dd5a
chg: [tool] added based on Carbanak tooling description from Crowdstrike
...
ref: https://www.crowdstrike.com/blog/arrests-put-new-focus-on-carbon-spider-adversary-group/
2018-08-02 10:30:47 +02:00
43fa95df7a
chg: [threat-actor] new reference to CARBON SPIDER/Carbanak
2018-08-02 10:03:18 +02:00
4cf84858e3
chg: [tool] Bisonal malware added (new variant with encryption capabilities)
2018-07-31 15:26:11 +02:00
Deborah Servili
e7d2541929
add Kronos Banking Trojan
2018-07-25 09:46:46 +02:00
Deborah Servili
381f7e4a19
Add CFR.org metadata into the galaxy - part 2
2018-07-25 09:08:16 +02:00
Deborah Servili
28456545be
Merge https://github.com/MISP/misp-galaxy
2018-07-16 09:16:13 +02:00
98db303047
chg: [threat-actor] The Big Bang campaign/group added
2018-07-10 08:49:00 +02:00
43a2c7f0ef
chg: [botnet] Xor DDoS added
2018-07-09 14:25:19 +02:00
raw-data
77cfaa8221
[add] new backdoor galaxy and cluster
2018-07-06 20:09:52 +01:00
Raphaël Vinot
e5939e3248
Merge branch 'master' of github.com:MISP/misp-galaxy
2018-07-06 15:25:09 +02:00
Raphaël Vinot
6f7a7921ae
new: Add entries from Bambenek Consulting
2018-07-06 15:25:05 +02:00
raw-data
fa8d0e35f6
[add] x1 new entry in stealer.json - AZORult
2018-07-06 11:00:11 +01:00
Deborah Servili
cae0f7e1ad
merging attempt
2018-06-29 16:39:34 +02:00
Deborah Servili
8c51ef98b3
add cfr related informations -still in progress-
2018-06-29 16:36:58 +02:00
Deborah Servili
fb6b01cc95
Merge branch 'master' into master
2018-06-27 09:39:28 +02:00
Deborah Servili
b1aac6b35b
cfr update -in progress + add clusters associated to RANCOR
2018-06-27 09:37:43 +02:00
1bd0fb34d7
Merge pull request #233 from Delta-Sierra/master
...
Add CFR.org metadata into the galaxy - Test
2018-06-26 14:26:18 +02:00
Deborah Servili
6f9e639981
add cfr prefix for cfr data - test
2018-06-26 10:07:14 +02:00
Deborah Servili
1cd6bddf0c
Add CFR.org metadata into the galaxy - Test
2018-06-26 09:40:13 +02:00
Deborah Servili
3838efb0bb
some updates
2018-06-26 09:26:32 +02:00
raw-data
f649af8ba5
[ADD] x1 new entry in tool.json - Koadic
2018-06-25 15:59:30 +01:00
raw-data
b3dffeb8d4
[ADD] x2 new rat - Sisfader, SocketPlayer
2018-06-25 15:46:42 +01:00
raw-data
0920d13c05
[ADD] banker.json version bump
2018-06-25 15:41:32 +01:00
raw-data
b382425d9c
[ADD] x2 new banker - Backswap, Karius
2018-06-25 15:14:56 +01:00
Nils Kuhnert
ed26cfb042
Updated APT1 report link
2018-06-22 13:49:05 +02:00
Deborah Servili
8ebde0540a
Update cert-eu-govsector.json
2018-06-22 12:50:32 +02:00
Deborah Servili
e088194ea9
fix typo in type
2018-06-22 12:45:39 +02:00
8e014674af
Fixed typo
2018-06-20 09:45:16 +02:00
Deborah Servili
dcda058944
update verion
2018-06-20 09:36:36 +02:00
Deborah Servili
e18fdf42da
add Thrip as threat actor
2018-06-20 09:30:15 +02:00
Deborah Servili
dcd159f8ed
add olympic destroyer
2018-06-19 15:26:40 +02:00
Deborah Servili
92cbd29091
add severals ransomware
2018-06-19 13:04:32 +02:00
Deborah Servili
cee83f677e
more clusters
2018-06-18 14:30:51 +02:00
Deborah Servili
d8c83cf2d6
add cluster in threat actor
2018-06-18 10:54:58 +02:00
Deborah Servili
ab577afacd
add ClipboardWalletHijacker
2018-06-18 09:47:03 +02:00
Deborah Servili
333db20791
add MysteryBot in android galaxy
2018-06-18 08:41:52 +02:00
Deborah Servili
397b37dcc8
add some ransomwares
2018-06-15 15:14:42 +02:00
e6bae7165c
Merge pull request #224 from Delta-Sierra/master
...
add some clusters
2018-06-13 12:43:35 +02:00
Deborah Servili
4ac23483b9
add some tools
2018-06-13 11:54:50 +02:00
Deborah Servili
cef7d02622
update version
2018-06-13 11:06:31 +02:00
Deborah Servili
c17a2aa7cc
add some clusters
2018-06-13 10:39:11 +02:00
Christophe Vandeplas
db81051154
minor layout corrections - validate_all
2018-06-12 11:03:09 +02:00
Christophe Vandeplas
d0d54b2751
merge pull request 222
2018-06-12 10:58:08 +02:00
Deborah Servili
508bb081c8
add BabaYaga Malware
2018-06-08 15:54:30 +02:00
Deborah Servili
2b447585b6
add PLEAD
2018-06-08 10:18:41 +02:00
Kafeine
25d21204fb
fix
2018-06-07 10:34:55 +01:00
Kafeine
52f0858ef5
+ Glazunov
2018-06-07 10:31:58 +01:00
Deborah Servili
a96a8a4a13
add sigrun ransomware's ransomnotes
2018-06-07 09:33:08 +02:00
Kafeine
178d5219c7
guuid & + VenomKit
2018-06-06 18:00:25 +01:00
Deborah Servili
e561e3e4f0
add Sigrun ransomwaremeta data
2018-06-06 16:29:24 +02:00
Deborah Servili
e2a25e165d
add Sigrun ransomware
2018-06-06 16:12:31 +02:00
Deborah Servili
07f91bcca4
add another cryptomix variant
2018-06-06 15:44:32 +02:00
Deborah Servili
3e91466aea
add Brambul worm
2018-06-06 15:07:30 +02:00
Deborah Servili
3e10d0957c
add Joanap RAT
2018-06-06 14:34:42 +02:00
308774755c
add: Iron Backdoor
2018-06-03 18:39:37 +02:00
raw-data
388a2b25b3
[ADD] x2 new info/pwd stealers - Nocturnal Stealer, TeleGrab
2018-06-01 15:59:25 +01:00
raw-data
ba6892408b
[ADD] NavRAT
2018-06-01 15:09:22 +01:00
raw-data
42bb2175e2
[ADD] DanaBot
2018-06-01 15:08:55 +01:00
6d5b8de216
Merge branch 'master' of github.com:MISP/misp-galaxy
2018-05-29 21:47:59 +02:00
c08c6af936
chg: Stalker Panda description added
2018-05-29 21:47:04 +02:00
raw-data
8726e0542d
[ADD] VPNFilter in tool.json cluster
2018-05-26 23:49:59 +01:00
raw-data
b0396e5ea2
[ADD] Pontoeb, WICKED and Brain Food into botnet.json cluster
2018-05-24 16:39:24 +01:00
Raphaël Vinot
ca964d9d35
Merge branch 'master' of github.com:MISP/misp-galaxy
2018-05-19 17:58:23 -04:00
Raphaël Vinot
96f3bf1cb8
fix: Duplicate ELECTRUM entry
...
Fix #212
2018-05-19 17:57:51 -04:00
Deborah Servili
22cb1618a5
Merge pull request #214 from Delta-Sierra/master
...
update mitre galaxies - add external id and killchain
2018-05-19 13:21:18 +02:00
Deborah Servili
6c8edd3f61
jq
2018-05-19 13:09:50 +02:00
Deborah Servili
d82a76c08f
fix scripts for nobile and pre attack attack pattern
2018-05-19 13:09:30 +02:00
Deborah Servili
f6d7291e7a
jq
2018-05-19 12:57:20 +02:00
Deborah Servili
730353f63d
update mitre galaxies - add external id and killchain
2018-05-19 12:56:20 +02:00
3a7c4e3c57
Merge pull request #211 from eCrimeLabs/master
...
Added links in relation to Threat-actor info from Dragos
2018-05-15 16:17:56 +02:00
9b888f238a
Merge pull request #209 from raw-data/master
...
[ADD] RadRAT, ARS VBS Loader and FlawedAmmyy into rat.json cluster
2018-05-15 16:17:18 +02:00
Dennis Rand
1ab4e4f4cf
Added data related to Dragos Adverseries
2018-05-15 12:06:48 +00:00
Deborah Servili
3d5c697761
add Stalinlocker
2018-05-15 12:27:20 +02:00
Deborah Servili
5b22aa7225
add Mettle botnet
2018-05-14 12:00:22 +02:00
raw-data
0ba6233309
[ADD] RadRAT, ARS VBS Loader and FlawedAmmyy into rat.json cluster
2018-05-11 01:15:35 +01:00
Deborah Servili
5e0bd260d6
update some clusters
2018-05-09 16:12:02 +02:00
Deborah Servili
2b16c86687
add maikspy
2018-05-09 09:52:22 +02:00
Deborah Servili
d3f7f7b591
jq~
2018-05-09 09:34:08 +02:00
Deborah Servili
360a4d4556
add reference for HNS botnet
2018-05-09 09:29:23 +02:00
Deborah Servili
0d745f6c93
add HNS bot net & HPE iLO 4 Ransomware/Wiper
2018-05-09 09:22:29 +02:00
Deborah Servili
394950379b
add Kitty malware
2018-05-07 15:27:29 +02:00
Deborah Servili
1c783a1453
update version -oops-
2018-05-07 08:52:15 +02:00
Deborah Servili
9cf976b2c5
update - GandCrab v3
2018-05-07 08:46:31 +02:00
Deborah Servili
d6e4c166c5
add an unnamed ransomware
2018-05-04 15:59:37 +02:00
Deborah Servili
ba631f1b43
add spymaster pro as rat
2018-05-04 15:12:56 +02:00
Deborah Servili
58e3e5f5d6
add ZooPark campaign
2018-05-04 10:16:01 +02:00
6b1d7d2201
add: threat actors from Dragos Inc. (based on https://dragos.com/adversaries.html )
2018-05-03 21:22:09 +02:00
Deborah Servili
979c784640
jq
2018-05-03 16:08:27 +02:00
Deborah Servili
83581c62b0
add Rubella Macro Builder
2018-05-03 15:38:06 +02:00
Deborah Servili
434716df86
add GravityRAT
2018-05-03 14:35:20 +02:00
Deborah Servili
55504f93d6
add HOGFISH as APT10 synonym
2018-05-03 11:10:21 +02:00
Deborah Servili
9a800ebec1
add Henbox
2018-05-03 10:57:39 +02:00
Deborah Servili
11f0963468
add Orangeworm, Kwampirs, Iron ransomware and Ton ransomware
2018-04-24 10:20:11 +02:00
Deborah Servili
6bf2004bd5
add Muhstik botnet
2018-04-23 09:26:28 +02:00
Stefan Kelm
0b63cb683b
NMCRYPT ransomware
2018-04-20 11:28:02 +02:00
Deborah Servili
f95f7b6057
Merge branch 'master' of https://github.com/Delta-Sierra/misp-galaxy
2018-04-20 10:27:54 +02:00
Deborah Servili
338eb7ab61
jq
2018-04-20 10:26:11 +02:00
Deborah Servili
6e2c0ea809
Update Ransomware galaxy version
2018-04-20 10:18:33 +02:00
Deborah Servili
f87da7a3a6
add Xiaoba
2018-04-20 10:13:52 +02:00
Deborah Servili
0e0c806e9e
Merge https://github.com/MISP/misp-galaxy
2018-04-19 16:04:18 +02:00
Deborah Servili
473bf61fc7
add some ransomwares
2018-04-19 15:00:30 +02:00
Daniel Roethlisberger
8c861848f8
Add Comnie RAT.
2018-04-17 15:49:05 +02:00
StefanKelm
74610731ee
Added 'Chtonic' synonym
2018-04-16 15:37:23 +02:00
StefanKelm
eff4ace398
Remove Chthonic since it's a duplicate (banker.json)
2018-04-16 15:34:59 +02:00
Deborah Servili
c785ee6384
add some ransomwares & threat actors
2018-04-16 09:24:11 +02:00
Deborah Servili
1a18ffb3eb
add Rovnix
2018-04-11 16:30:58 +02:00
Deborah Servili
e4b95abce3
add IcedID reference
2018-04-11 11:59:35 +02:00
Deborah Servili
c773597155
add GoScanSSH tool
2018-04-10 15:56:27 +02:00
Deborah Servili
113599bb24
add LockCrypt ransomware
2018-04-10 15:15:08 +02:00
Deborah Servili
a11bd66cf3
jq
2018-04-10 10:54:58 +02:00
Deborah Servili
ef8b428838
add PUBG ransomware
2018-04-10 10:54:36 +02:00
Deborah Servili
6f3921076a
update matrix ransomware
2018-04-09 15:49:11 +02:00
Deborah Servili
20b1508e4b
update version
2018-04-09 14:59:12 +02:00
Deborah Servili
e67a7b015d
update matrix ransomware
2018-04-09 14:52:07 +02:00
Deborah Servili
8596ff3e10
update threat actor galaxy based on https://www.fireeye.com/content/dam/collateral/en/mtrends-2018.pdf
2018-04-09 11:52:12 +02:00
Deborah Servili
386349c607
add BlackRuby& WhiteRose ransomwares (+some fix)
2018-04-06 12:00:57 +02:00
Deborah Servili
47a0fbed8c
merge the two Igexin clusters - fix #183
2018-04-05 13:47:09 +02:00
Deborah Servili
2bd3344eb6
add 2 -supposed- wipers
2018-04-05 11:51:13 +02:00
Deborah Servili
a0e8e45321
update ransomware galaxy versionC
2018-04-05 10:46:48 +02:00
Deborah Servili
7584c5f2a1
update cryptomix
2018-04-05 10:45:26 +02:00
Deborah Servili
b31f2632fd
update botnet version
2018-04-05 09:49:57 +02:00
Deborah Servili
73e14c53eb
complete hajime botnet
2018-04-04 16:22:50 +02:00
Deborah Servili
572404dcc7
add hajime botnet
2018-04-04 14:41:57 +02:00
Deborah Servili
a78972e0ac
Merge pull request #181 from Delta-Sierra/master
...
add external_id to values (MITRE galaxies)
2018-04-04 14:09:49 +02:00
Deborah Servili
8d4053741b
jq
2018-04-04 12:54:04 +02:00
Deborah Servili
804fcedb5c
add external_id to values
2018-04-03 15:53:17 +02:00
f4d7fe0166
add: SHARPKNOT
2018-03-29 16:31:05 +02:00
Kafeine
6c7d0f8684
+ThreadKit
2018-03-26 18:05:14 +01:00
Raphaël Vinot
24fa5b8b1b
Merge branch 'master' of github.com:MISP/misp-galaxy
2018-03-23 10:40:32 +01:00
Raphaël Vinot
f6695f5b56
fix: Duplicate UUID in tools
2018-03-23 10:40:21 +01:00
Deborah Servili
0f14c2e563
Merge https://github.com/MISP/misp-galaxy
2018-03-23 08:28:20 +01:00
Deborah Servili
3ae0e5f113
add several tools
2018-03-23 08:27:14 +01:00
StefanKelm
cdf5344719
Update mitre-enterprise-attack-intrusion-set.json
2018-03-22 14:32:59 +01:00
StefanKelm
9add19ae7f
Update and rename mitre-entreprise-attack-tool.json to mitre-enterprise-attack-tool.json
2018-03-22 14:03:31 +01:00
StefanKelm
a1daa975aa
Update and rename mitre-entreprise-attack-relationship.json to mitre-enterprise-attack-relationship.json
2018-03-22 14:02:30 +01:00
StefanKelm
9d612ba3d9
Update and rename mitre-entreprise-attack-malware.json to mitre-enterprise-attack-malware.json
2018-03-22 14:01:27 +01:00
StefanKelm
b9aef43c73
Update and rename mitre-entreprise-attack-intrusion-set.json to mitre-enterprise-attack-intrusion-set.json
2018-03-22 14:00:20 +01:00
StefanKelm
36204644f1
Update mitre-enterprise-attack-course-of-action.json
2018-03-22 13:59:42 +01:00
StefanKelm
b619c8fc32
Update and rename mitre-entreprise-attack-course-of-action.json to mitre-enterprise-attack-course-of-action.json
2018-03-22 13:58:39 +01:00
StefanKelm
24930772c5
Update and rename mitre-entreprise-attack-attack-pattern.json to mitre-enterprise-attack-attack-pattern.json
2018-03-22 13:57:45 +01:00
Deborah Servili
011e0e9574
update Android galaxy based on: https://source.android.com/security/reports/Google_Android_Security_2017_Report_Final.pdf - possible duplicates!
2018-03-21 16:17:33 +01:00
Deborah Servili
181d4604a5
add Zenis ransomware
2018-03-21 15:22:21 +01:00
Deborah Servili
8cfd258ee3
Merge branch 'master' into master
2018-03-21 08:31:56 +01:00
Deborah Servili
510347c730
add gamut botnet
2018-03-21 08:29:41 +01:00
Kafeine
9e30ff1345
+Glazunov
2018-03-19 09:23:27 +00:00
Daniel Plohmann (jupiter)
83fd4a9af9
added leviathan
2018-03-17 11:57:10 +01:00
Dennis Rand
080e68a30f
Added RoyalCli and RoyalDNS related to APT15 based on information from NCC Group
2018-03-15 22:08:06 +00:00
468f9dcb9d
Merge pull request #171 from Delta-Sierra/master
...
add qwerty ransomware
2018-03-15 10:47:37 +01:00
Deborah Servili
2e9827d9a3
jq
2018-03-15 10:41:37 +01:00
Deborah Servili
37a0b96a7b
add qwertyransomware
2018-03-15 10:40:34 +01:00
eCrimeLabs
bfeb9d772c
Malware Used by APT37
...
Malware Used by APT37
2018-03-14 22:11:43 +00:00
eCrimeLabs
84215d0003
Added tools from APT37
...
Malware Used by APT37
2018-03-14 21:53:35 +00:00
Deborah Servili
5fa09c0962
update version
2018-03-12 11:54:29 +01:00
Deborah Servili
e6a703e359
jq
2018-03-12 11:53:06 +01:00
Deborah Servili
e3c6e7e238
add missing uuid
2018-03-12 11:52:51 +01:00
Deborah Servili
4aa73942e7
add ref for BS2005
2018-03-12 11:46:04 +01:00
Deborah Servili
73eb11fedd
update Mirage Threat actor
2018-03-12 10:44:57 +01:00
Deborah Servili
11daa2e1e0
add Nautilus, Neuron and update GandCrab
2018-03-12 10:23:57 +01:00
Deborah Servili
2fc9fb86d2
update GandCrab
2018-03-09 15:35:42 +01:00
Deborah Servili
ca7034a117
jq all the things
2018-03-09 14:53:31 +01:00
Deborah Servili
0c1e0b86b5
add missing uuid
2018-03-09 14:39:14 +01:00
Deborah Servili
ac8dc7122c
add Shipup
2018-03-09 14:34:14 +01:00
Deborah Servili
1b19f99f87
add ghotex
2018-03-09 14:29:24 +01:00
Deborah Servili
d2ad0f1c09
add miniflame
2018-03-09 12:20:06 +01:00
Deborah Servili
6096c45da5
add Downloader-FGO
2018-03-09 11:32:31 +01:00
Deborah Servili
a415a48d71
add Cheshire Cat -hack.lu video as reference!
2018-03-09 10:47:17 +01:00
Deborah Servili
0ad7f06cf6
add Aurora/Hydraq
2018-03-09 10:18:47 +01:00
Deborah Servili
0cfc8907f3
add Rotinom
2018-03-09 09:25:40 +01:00
Deborah Servili
773d764445
add Exforel
2018-03-09 09:21:32 +01:00
Deborah Servili
58e10c9af4
add RSAUtil and Coldroot
2018-03-07 13:00:07 +01:00
Deborah Servili
ee3c858e4f
Add TSCookie Malware and RAT
2018-03-06 13:28:28 +01:00
Deborah Servili
3f8b44bbe3
jq
2018-03-01 15:02:48 +01:00
Deborah Servili
227fa8b44f
Merge https://github.com/MISP/misp-galaxy
2018-03-01 15:01:49 +01:00
Deborah Servili
b3574f880a
jq ftw
2018-02-28 16:16:28 +01:00
Deborah Servili
d88a4a44dc
add uuid to every cluster
2018-02-28 15:37:37 +01:00
22bf4f951f
fix #161
2018-02-27 19:32:07 +01:00
Deborah Servili
2eea951b71
add extension for Thanatos ransomware
2018-02-27 16:23:13 +01:00
Deborah Servili
63f77a81ec
add botnets to galaxy
2018-02-27 16:04:23 +01:00
Deborah Servili
bfd74bb54d
add Thanatos ransomware
2018-02-27 15:03:26 +01:00
Deborah Servili
8f0e6058b8
Removing duplicates refs - 2
2018-02-23 11:49:32 +01:00
Deborah Servili
dd62ea1844
manage duplicate refs - first try
2018-02-23 11:44:17 +01:00
Deborah Servili
fd9919e67a
jq all the things
2018-02-23 08:38:32 +01:00
Deborah Servili
4ddb598de4
add MITRE Galaxies V2.0
2018-02-21 16:28:11 +01:00
Deborah Servili
384e26a1b4
create botnet galaxy
2018-02-20 15:33:24 +01:00
Deborah Servili
6147b89c4a
add ShurL0ckr ransomware
2018-02-20 11:19:55 +01:00
Deborah Servili
42596842a8
add synonym and ref for Emissary Panda (Iron Tiger APT)
2018-02-20 10:37:47 +01:00
Deborah Servili
aa9fe74596
jq
2018-02-19 16:35:58 +01:00
Deborah Servili
d3d2db7e11
complete gandcrab
2018-02-19 16:27:28 +01:00
Deborah Servili
289e41a35b
add gandcrap ransomware + update references
2018-02-19 15:58:47 +01:00
b7e8918193
fix: JSON format
2018-02-14 11:10:44 +01:00
db2b187bc6
Merge branch 'master' of https://github.com/Kafeine/misp-galaxy into Kafeine-master
2018-02-14 11:06:19 +01:00
Kafeine
bbb76373a5
~Sakura description
2018-02-13 11:48:13 +00:00
Kafeine
7155477764
+SPL Exploit Kit, ~Grandsoft
2018-02-13 11:46:24 +00:00
Deborah Servili
3ad7e412a4
add Smominru
2018-02-01 14:29:06 +01:00
Deborah Servili
7d29f57d5b
add CrossRat
2018-01-31 11:14:20 +01:00
4664042400
fix: PureMasuta added to Masuta
2018-01-25 16:06:21 +01:00
3b61d2c84a
fix: typo in meta field
2018-01-25 15:56:16 +01:00
1831752530
add ref to Nexus Zeta
2018-01-25 15:43:33 +01:00
193b474ad2
add: Nexus Zeta is no stranger when it comes to implementing SOAP
...
relatedrelated exploit ;-)
2018-01-25 15:41:47 +01:00
5070314aae
add: Matsuta IoT botnet added
2018-01-25 15:39:44 +01:00
Daniel Plohmann
6de7c0176d
adding dark caracal
2018-01-25 12:54:50 +01:00
Kafeine
df47e09457
BlackTDS added
2018-01-24 14:20:50 +00:00
Deborah Servili
ddffa49b42
add Digmine
2018-01-15 15:45:26 +01:00
Deborah Servili
8c5eb9e957
add downAndExec
2018-01-15 15:00:25 +01:00
Deborah Servili
8c1583b962
add travle/PYLOT
2018-01-15 14:44:36 +01:00
Deborah Servili
8240934eb5
fix forgotten value Microcin
2018-01-11 16:01:19 +01:00
Deborah Servili
130ad39d4c
add macOS malwares
2018-01-11 15:19:18 +01:00
Deborah Servili
80d4fd0164
add monero miner
2018-01-10 15:30:47 +01:00
59a4fd52ad
fix: Updated description to clearly states that only branded vulnerabilities
2018-01-09 09:23:19 +01:00
Deborah Servili
9dd9810167
rename files + update README.md
2018-01-09 09:20:13 +01:00
Deborah Servili
225ce1f3ee
New galaxy Branded Vulnerability
2018-01-09 09:02:29 +01:00
63b72cdade
add in preventive measures: blacklisting phone numbers
2017-12-28 13:28:49 +01:00
Deborah Servili
9b23956c37
jqallthethings
2017-12-22 10:47:06 +01:00
Deborah Servili
d6b16b2177
update Sofacy tools
2017-12-22 10:46:18 +01:00
Deborah Servili
f737b7fe0a
modify SedKit description
2017-12-22 10:08:54 +01:00
Deborah Servili
e787efce72
add SedKit
2017-12-22 10:05:52 +01:00
Deborah Servili
51a4868a3f
add "Power"tools
2017-12-21 11:18:32 +01:00
Deborah Servili
56d5ab9afa
add satori (Mirai Variant)
2017-12-20 11:25:06 +01:00
Deborah Servili
9aa073a1c4
add PRILEX & CUTLET MAKER
2017-12-19 15:38:33 +01:00
Deborah Servili
eb9a49df81
add GratefulPOS
2017-12-19 12:17:42 +01:00
Deborah Servili
a9e5cff50f
update Android galaxy
2017-12-19 08:56:39 +01:00
Deborah Servili
5f731a428d
add source for NewCore RAT
2017-12-18 14:29:34 +01:00
Deborah Servili
db8ae5fbfe
update OilRig threat actor
2017-12-18 09:26:15 +01:00
Deborah Servili
91e2d56d4d
add file spider ransomware
2017-12-15 10:21:23 +01:00
Deborah Servili
cfaadb0c71
add OSX.Pirrit
2017-12-15 09:57:39 +01:00
d767e43669
TRISIS is the main name of TRITON as discussed in https://twitter.com/DragosInc/status/941355602512613381
2017-12-14 18:56:36 +01:00
90e37eb272
TRITON added
2017-12-14 17:13:18 +01:00
Deborah Servili
901d624a52
add SSHDoor
2017-12-14 11:37:05 +01:00
Deborah Servili
a2deaed935
add cryptomix variant
2017-12-14 10:58:29 +01:00
Deborah Servili
8836dfdc16
add Quant Loader
2017-12-13 15:51:24 +01:00
Deborah Servili
e891373ce8
Add MoneyTaker
2017-12-13 15:15:57 +01:00
Deborah Servili
5cac510818
update threat actor galaxy
2017-12-13 14:57:38 +01:00
Deborah Servili
e4d95b9ce8
Merge pull request #133 from Delta-Sierra/master
...
add source for BankBot
2017-12-11 10:39:31 +01:00
Deborah Servili
2c5a116ed5
add source for BankBot
2017-12-11 10:25:41 +01:00
c2e2093f29
Merge branch 'master' of https://github.com/Delta-Sierra/misp-galaxy into Delta-Sierra-master
2017-12-10 10:23:37 +01:00
2578daabf6
merge conflict solved - wp-vcd added
2017-12-10 10:19:17 +01:00
5f34b618f8
StrongPity2 added
2017-12-10 09:24:32 +01:00
Deborah Servili
16398ed750
jq
2017-12-08 15:48:59 +01:00
Deborah Servili
12e0af9fa2
add malware/ransomwares
2017-12-08 15:45:44 +01:00
Deborah Servili
8531d4e299
add SLocker
2017-12-07 14:26:41 +01:00
Deborah Servili
f1b4cab10b
add HC7 ransomware
2017-12-07 11:25:08 +01:00
Deborah Servili
3023039956
add StorageCrypt Ransomware
2017-12-06 12:34:17 +01:00
Deborah Servili
d887659e51
add Halloware ransomware
2017-12-05 09:47:50 +01:00
Deborah Servili
c2b49e5ecd
update cryptomix
2017-12-04 12:21:21 +01:00
57b7b5baff
add: Tizi malware added
2017-12-03 07:33:19 +01:00
Deborah Servili
695d580d3c
add UBoatRAT
2017-11-29 10:09:39 +01:00
Deborah Servili
a46903b8dd
update ROKRAT
2017-11-28 14:01:06 +01:00
Deborah Servili
1cb62212ca
cryptomix - update
2017-11-22 13:46:50 +01:00
Deborah Servili
1bd8293901
add IcedID banker
2017-11-22 11:38:35 +01:00
Deborah Servili
a7d117781b
cryptomix - add ransomnotes
2017-11-21 14:24:46 +01:00
Deborah Servili
bd940d45ad
cryptomix - merge duplicates and update
2017-11-21 14:16:41 +01:00
Deborah Servili
6f79153169
add Ordinypt
2017-11-21 12:13:38 +01:00
Deborah Servili
ff3cb27a3b
jq
2017-11-20 12:33:47 +01:00
Deborah Servili
632f030b28
update tool galaxy
2017-11-20 12:32:35 +01:00
steffenenders
96749fd350
Fixed mixed up description/value for MuddyWater
2017-11-19 19:23:10 +01:00
Deborah Servili
e2dbd5a9a3
add MuddyWater + Update HIDDEN COBRA and update its tools
2017-11-17 15:41:44 +01:00
Deborah Servili
24e4b15156
add Silence Trojan
2017-11-14 16:20:08 +01:00
Deborah Servili
09bab156c7
update version number
2017-11-09 12:30:32 +01:00
Deborah Servili
2ed39f3cee
Fix typo - Spaaaace~
2017-11-09 09:39:45 +01:00
Deborah Servili
880c74f469
add ALMA Communicator
2017-11-09 09:25:16 +01:00
Deborah Servili
3369270bdb
add Sowbug group
2017-11-08 15:05:37 +01:00
Deborah Servili
5ee2001391
update Falismus RAT
2017-11-08 11:34:55 +01:00
Fredrik Borg
72d8bfc28a
fix-iso-code-3
2017-11-07 14:15:40 +01:00
Fredrik Borg
afc4972e25
fix iso codes
2017-11-07 14:04:04 +01:00
Fredrik Borg
53a6a8d26f
remove duplicate references
2017-11-07 13:34:44 +01:00
Siri Bromander
bf0d1d27ca
Updated with data from APT Groups and Operations
2017-11-07 11:07:23 +01:00
Fredrik Borg
26192bf39a
Bump version number
2017-11-01 18:14:20 +01:00
Fredrik Borg
51f86d5382
Use standard (2 digits) ISO codes for all countries
2017-11-01 12:38:21 +01:00
Raphaël Vinot
aa93b0e61d
Update banker galaxy
2017-10-27 11:10:26 -04:00
Raphaël Vinot
756af14983
Merge branch 'master' of github.com:MISP/misp-galaxy
2017-10-27 10:50:58 -04:00
Raphaël Vinot
eef988e9ad
Cosmetic updates
2017-10-27 10:50:47 -04:00
Deborah Servili
7246746bbe
add htpRAT
2017-10-27 15:50:22 +02:00
Deborah Servili
2fefd3810d
add dimnie
2017-10-27 11:42:01 +02:00
Deborah Servili
ad9fff6c3f
Merge pull request #103 from Delta-Sierra/master
...
add Formbook
2017-10-27 10:40:00 +02:00
Deborah Servili
2533c1b54e
fix typo
2017-10-27 10:33:58 +02:00
Deborah Servili
5597e5af1c
add Formbook
2017-10-27 10:30:21 +02:00
Raphaël Vinot
24e7d89ac9
Deduplicate Android cluster
2017-10-26 19:00:57 -04:00
Raphaël Vinot
40e26a59f1
Merge branch 'master' of github.com:MISP/misp-galaxy
2017-10-26 18:54:56 -04:00
Raphaël Vinot
6d0952e4ed
Add android and banker galaxies
2017-10-26 18:53:01 -04:00
aed963c52d
Merge pull request #102 from Delta-Sierra/master
...
delete x_ prefix from mitre_attack_pattern
2017-10-26 10:36:02 +02:00
Deborah Servili
709b78c2de
jq
2017-10-26 10:28:53 +02:00
Deborah Servili
3a41799542
add galaxy icon to mitre-cti tools & regenerate galaxies
2017-10-26 10:28:05 +02:00
Deborah Servili
fa8c4ec839
delete x_ prefix from mitre_attack_pattern
2017-10-26 09:44:23 +02:00
Raphaël Vinot
72dbbb28fa
Remove the executable flag from the json files, again
2017-10-25 12:29:16 -04:00
Raphaël Vinot
c6f9c5261c
Merge branch 'master' of github.com:MISP/misp-galaxy
2017-10-25 12:28:01 -04:00
Raphaël Vinot
196f0a7ac8
Remove the executable flag from the json files
2017-10-25 12:25:36 -04:00
Deborah Servili
6aee8e41fd
add BadRabbit ransomware
2017-10-25 09:28:03 +02:00
Deborah Servili
5b7e2de87a
add cert EU govsectors galaxy
2017-10-24 11:15:05 +02:00
ce0f4d5e4a
SOCKET23 RAT added
2017-10-21 15:14:42 +02:00
3860b1a78a
JadeRAT added
2017-10-21 13:53:40 +02:00
Deborah Servili
814c19841f
jq
2017-10-20 15:32:01 +02:00
Deborah Servili
2fd3d3221d
add IoT_reaper
2017-10-20 15:09:20 +02:00
Deborah Servili
a6d5383adf
add synonym in tool galaxy
2017-10-18 15:43:12 +02:00
Deborah Servili
aa5e823801
add sectors galaxy
2017-10-11 09:52:33 +02:00
Deborah Servili
fa723b6e90
add lukitus ransomnote to Locky
2017-10-04 09:32:55 +02:00
Deborah Servili
671d7ea456
add lukitus extension to Locky
2017-10-04 09:22:53 +02:00
Deborah Servili
fa5cb66a84
fix typo
2017-10-04 08:38:12 +02:00
Deborah Servili
13f0b95654
add year of apparition for Rats + fixing some typos
2017-10-03 16:26:58 +02:00
Deborah Servili
4f73184818
jq
2017-09-29 17:02:12 +02:00
Deborah Servili
b33014e0dd
add Remote Access/Administration Tools
2017-09-29 16:59:25 +02:00
Daniel Plohmann
02710714bd
add APT33 as identified by FireEye
2017-09-29 11:43:38 +02:00
Deborah Servili
fecfdd39f3
add Adwind RAT synonyms
2017-09-25 15:18:51 +02:00
Deborah Servili
38f9d2cbfd
Fix typo
2017-09-20 10:00:27 +02:00
Deborah Servili
c282899db7
add SyncCrypt Ransomwar
2017-09-06 15:23:27 +02:00
Deborah Servili
bba45c7fe6
add SynAck Ransomware ransomnote's name
2017-09-06 14:00:00 +02:00
Deborah Servili
5e11faaa92
add SynAck Ransomware
2017-09-06 13:45:24 +02:00
Deborah Servili
d07d4fbfa7
fix typo~
2017-09-06 10:04:57 +02:00
Deborah Servili
da5b1d2ed3
add tools and rat
2017-09-06 09:51:52 +02:00
Raphaël Vinot
568557c1af
JQ all the things.
2017-08-30 10:08:35 +02:00
381b608900
Fixed with jq ;-)
2017-08-30 10:04:19 +02:00
Kafeine
4b94d36d2e
Merge branch 'master' into master
2017-08-29 12:41:33 +01:00
Kafeine
ee3e2b3a14
+WhiteHole +ref for Disdain
2017-08-29 10:36:38 +01:00
Deborah Servili
a2035e5840
add ransomwares
2017-08-28 11:14:27 +02:00
Deborah Servili
15ce9fb85d
add fireball malware
2017-08-24 16:10:17 +02:00
Deborah Servili
63b7e62de5
add Joao malware
2017-08-24 08:49:42 +02:00
760f863f8a
EngineBox malware added
2017-08-19 09:38:45 +02:00
Deborah Servili
ad22bafdba
jq
2017-08-17 15:54:44 +02:00
Deborah Servili
91cd3a6eec
update mitre galaxies
2017-08-17 15:53:41 +02:00
iglocska
cf780290be
Fixed some issues with a misnamed galaxy
2017-08-16 21:40:05 +02:00
Deborah Servili
7e391e8a39
version is integer
2017-08-16 15:23:58 +02:00
Deborah Servili
7cb372bdb5
put uuid as meta
2017-08-16 15:13:18 +02:00
Deborah Servili
447bfe93f3
new generation of mitre galaxies
2017-08-16 12:37:07 +02:00
Deborah Servili
fb5560f927
add mitre based galaxies
2017-08-16 12:17:00 +02:00
Deborah Servili
d29fb670c0
fix space typo
2017-08-16 10:50:12 +02:00
Kafeine
bde18d917f
+disdain+captainblack-Neutrino
2017-08-15 20:53:41 +02:00
Deborah Servili
693ea7e58a
type is array -shh I'm bad with the format, I know
2017-08-08 15:00:06 +02:00
Deborah Servili
6d7ec00907
type is meta
2017-08-08 12:44:37 +02:00
Deborah Servili
fa813f0f20
jq~
2017-08-08 12:40:35 +02:00
Deborah Servili
d6a4e3a5a0
add/update tool galaxy
2017-08-08 12:37:14 +02:00
Deborah Servili
4482e198a0
add GlobeImposter synonym
2017-08-08 08:50:36 +02:00
Raphaël Vinot
3b7ad8ea8c
Merge pull request #75 from Delta-Sierra/master
...
add svpeng tool
2017-08-02 11:21:24 +02:00
Deborah Servili
ca58a2f8b4
jq
2017-08-02 11:16:21 +02:00
Daniel Plohmann
355a230182
added FIN7 as alias for anunak
2017-08-01 13:29:57 +02:00
Daniel Plohmann
b4e49823dd
merged barium into axiom (only one redundant reference given)
2017-08-01 13:13:56 +02:00
Deborah Servili
8573d28493
Merge branch 'master' into master
2017-08-01 10:18:18 +02:00
Deborah Servili
c8fa7a919f
try to merge 'CowerSnail added'
2017-08-01 10:04:25 +02:00
Deborah Servili
52cd886ceb
add svpeng tool
2017-08-01 09:44:38 +02:00
fda915f2f6
CowerSnail added
2017-07-30 18:46:20 +02:00
Raphaël Vinot
81d304345f
Remove duplicates
2017-07-26 14:57:14 +02:00
Raphaël Vinot
282c3a8101
Merge pull request #74 from Delta-Sierra/master
...
adding clusters based on MISP data
2017-07-26 11:41:00 +02:00
Deborah Servili
497ecc396a
clean tool.json
2017-07-26 09:41:08 +02:00
Deborah Servili
7e59f14dca
update Spring Dragon threat actor
2017-07-26 09:21:36 +02:00
Raphaël Vinot
c971b8e935
Add missing name XtremeRAT
2017-07-25 20:24:00 +02:00
Raphaël Vinot
8598210895
Remove empty string.
2017-07-25 18:02:11 +02:00
Raphaël Vinot
a2567a9fc3
Remove duplicates
2017-07-25 13:12:48 +02:00
Deborah Servili
a6eb7338b3
adding clusters based on MISP data
2017-07-19 16:25:46 +02:00
Kafeine
a39dde6dba
Update exploit-kit.json
2017-07-13 09:33:23 +01:00
3b13a9101c
Merge branch 'master' of github.com:MISP/misp-galaxy
2017-07-08 10:16:29 +02:00
a295d40589
Cobalt gang added
2017-07-08 10:16:11 +02:00
4177bf150c
Merge pull request #73 from Delta-Sierra/master
...
add cerber synonym
2017-06-30 10:45:06 +02:00
Deborah Servili
a2bc1e97de
add cerber synonym
2017-06-30 10:03:57 +02:00
c0786dfb22
El Machete added
2017-06-26 11:44:46 +02:00
Deborah Servili
c12009921a
add synonym for ammyyadmin
2017-06-21 11:02:57 +02:00
Deborah Servili
d01cfb8d1e
Add SOREBRECT ransomware
2017-06-21 08:56:03 +02:00
dd2a51037a
jq all ;-)
2017-06-20 20:34:04 +02:00
Jaime
f92b9cb710
Added FIN8 actor
2017-06-20 11:28:32 -07:00
Deborah Servili
aa25157403
alwaaays moooore RAT
2017-06-20 12:26:16 +02:00
Deborah Servili
5f5b71aa93
add rats from https://www.lifewire.com/free-remote-access-software-tools-2625161
2017-06-20 11:16:36 +02:00
Deborah Servili
57f6c2414d
add rats
2017-06-20 09:19:19 +02:00
951ed3b9ed
jq
2017-06-16 22:18:51 +02:00
3219d5de5c
Merge pull request #67 from Delta-Sierra/master
...
add some rats and tools
2017-06-16 22:18:14 +02:00
Deborah Servili
91cf7b4cee
add some rats sand tools
2017-06-16 15:34:20 +02:00
David André
3dfbb7e1d0
Added Symantec alias for sofacy
2017-06-16 11:22:17 +02:00
danielplohmann
5724f19873
Merge branch 'master' into hidden-cobra-lazarus
2017-06-15 14:13:50 +02:00
Daniel Plohmann (jupiter)
f7963c9a8c
added Hidden Cobra as alias for Lazarus Group
2017-06-15 14:09:29 +02:00
Daniel Plohmann
ff4f428bc1
added ELECTRUM to threat-actor.json (afaik not confirmed as an alias atm)
2017-06-13 13:25:16 +02:00
Daniel Plohmann
9924a8875c
added PLATINUM to threat-actor.json (afaik not confirmed as an alias atm)
2017-06-13 13:21:10 +02:00