MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

pimp winnti

pull/36/head
Thanat0s 2017-02-26 19:26:21 +01:00
parent 8de827977c
commit 0775bfce62
1 changed files with 16 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
clusters/tool.json
View File

@ -356,7 +356,7 @@
},
{
"value": "NetTraveler",
"description": "APT that infected hundreds of high profile victims in more than 40 countries. Known targets of NetTraveler include Tibetan/Uyghur activists, oil industry companies, scientific research centers and institutes, universities, private companies, governments and governmental institutions, embassies and military contractors.",
"description": "APT that infected hundreds of high profile victims in more than 40 countries. Known targets of NetTraveler include Tibetan/Uyghur activists, oil industry companies, scientific research centers and institutes, universities, private companies, governments and governmental institutions, embassies and military contractors.",
"meta": {
"synonyms": [
"TravNet",
@ -371,7 +371,21 @@
}
},
{
"value": "Winnti"
"value": "Winnti",
"description": "APT used As part of Operation SMN, Novetta analyzed recent versions of the Winnti malware. The samples, compiled from mid- to late 2014, exhibited minimal functional changes over the previous generations Kaspersky reported in 2013.",
"meta": {
"synonyms": [
"Etso",
"SUQ",
"Agent.ALQHI"
],
"refs": [
"https://securelist.com/blog/incidents/57455/nettraveler-is-back-the-red-star-apt-returns-with-new-tricks/"
],
"type": [
"Backdoor"
]
}
},
{
"value": "Mimikatz",