Merge pull request #812 from jloehel/boldmove

chg: [backdoor] Adds BOLDMOVE
pull/814/head
Alexandre Dulaunoy 2023-01-31 06:24:59 +01:00 committed by GitHub
commit 033895b052
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 1 deletions


@ -193,7 +193,19 @@
},
"uuid": "0c3b1aa5-3a33-493e-9126-28ebced4ed09",
"value": "BPFDoor"
},
{
"description": "According to Mandiant, this malware family is attributed to potential chinese background and its Linux variant is related to exploitation of Fortinet's SSL-VPN (CVE-2022-42475).",
"meta": {
"refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/win.boldmove",
"https://malpedia.caad.fkie.fraunhofer.de/details/elf.boldmove",
"https://www.mandiant.com/resources/blog/chinese-actors-exploit-fortios-flaw"
]
},
"uuid": "2cef78bd-f097-4477-8888-79359042b515",
"value": "BOLDMOVE"
}
],
"version": 13
"version": 14
}
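Review bot: The `description` of the new BOLDMOVE entry records only the attribution and the exploited CVE, so an analyst matching on this cluster learns nothing about what the family does, and "chinese" is not capitalised. The refs list both the `win.boldmove` and `elf.boldmove` Malpedia pages, but the text characterises only the Linux variant; one sentence on the family's behaviour, and a note that a Windows variant is tracked as well, would make the entry usable on its own. At minimum I would reword the line as `"description": "According to Mandiant, this malware family is attributed to actors with a potential Chinese background, and its Linux variant is related to exploitation of Fortinet's SSL-VPN (CVE-2022-42475).",`. The attribution rests on a single vendor report, so keeping the "According to Mandiant" hedge is right.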