From 138c7c7ba8d0d27df1f23da6f9d92facc573a67e Mon Sep 17 00:00:00 2001 From: Christophe Vandeplas Date: Sun, 23 Apr 2023 17:35:54 +0200 Subject: [PATCH] chg: [rels] more relations on cluster "value" --- .gitignore | 1 + clusters/malpedia.json | 2027 +++++++++++++++++++++++++++++++- clusters/mitre-ics-groups.json | 47 +- clusters/threat-actor.json | 39 +- clusters/tool.json | 1176 +++++++++++++++++- 5 files changed, 3281 insertions(+), 9 deletions(-) diff --git a/.gitignore b/.gitignore index e0e8c99..36b8470 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ __pycache__ .DS_Store +.idea/ diff --git a/clusters/malpedia.json b/clusters/malpedia.json index 6c50ff2..b9b0fd8 100644 --- a/clusters/malpedia.json +++ b/clusters/malpedia.json @@ -40,6 +40,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "e306fe62-c708-11e8-89f2-073e396e5403", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e8a04177-6a91-46a6-9f63-6a9fac4dfa02", "value": "FastCash" }, @@ -659,6 +668,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "9d7c772b-43f1-49cf-bc70-7a7cd2ed34c8", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "52acea22-7d88-433c-99e6-8fef1657e3ad", "value": "Chrysaor" }, @@ -2220,6 +2238,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "f35f219a-6eed-11e8-980a-93bb96299951", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "31d2ce1f-44bf-4738-a41d-ddb43466cd82", "value": "Roaming Mantis" }, @@ -2333,6 +2360,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "f8047de2-fefc-4ee0-825b-f1fae4b20c09", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d87e2574-7b9c-4ea7-98eb-88f3e139f6ff", "value": "Slempo" }, @@ -2493,6 +2529,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a33df440-f112-4a5e-a290-3c65dae6091d", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d99c0a47-9d61-4d92-86ec-86a87b060d76", "value": "Svpeng" }, @@ -2935,6 +2980,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "c76e2ee8-52d1-4a55-81df-5542d232ca32", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a8f167a8-30b9-4953-8eb6-247f0d046d32", "value": "XRat" }, @@ -3026,6 +3080,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "9334c430-0d83-4893-8982-66a1dc1a2b11", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a98a04e5-1f86-44b8-91ff-dbe1534782ba", "value": "TwoFace" }, @@ -3300,6 +3363,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "55f8fb60-6339-4bc2-baa0-41e698e11f95", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "81917a93-6a70-4334-afe2-56904c1fafe9", "value": "Bashlite" }, @@ -4786,6 +4858,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "e537e165-ea8b-4e75-8813-6519632d3f6a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "3fe8f3db-4861-4e78-8b60-a794fe22ae3f", "value": "LiquorBot" }, @@ -4879,6 +4960,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "1d4dec2c-915a-4fef-ba7a-633421bd0848", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "b9168ff8-01df-4cd0-9f70-fe9e7a11eccd", "value": "Masuta" }, @@ -5811,6 +5901,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "1ad4697b-3388-48ed-8621-85abebf5dbbf", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "9e5d83a8-1181-43fe-a77f-28c8c75ffbd0", "value": "Satori" }, @@ -5979,6 +6078,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "f258f96c-8281-4b24-8aa7-4e23d1a5540e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "275d65b9-0894-4c9b-a255-83daddb2589c", "value": "SSHDoor" }, @@ -6214,6 +6322,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a71ed71f-b8f4-416d-9c57-910a42e59430", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "592f7cc6-1e07-4d83-8082-aef027e9f1e2", "value": "TSCookie" }, @@ -6293,6 +6410,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "2a18f5dd-40fc-444b-a7c6-85f94b3eee13", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "637000f7-4363-44e0-b795-9cfb7a3dc460", "value": "Umbreon" }, @@ -6397,6 +6523,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "895d769e-b288-4977-a4e1-7d64eb134bf9", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "5ad30da2-2645-4893-acd9-3f8e0fbb5500", "value": "VPNFilter" }, @@ -6430,6 +6565,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "59266c02-e3c8-47a6-b00c-bbb50c8975e9", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "93ffafbd-a8af-4164-b3ab-9b21e6d09232", "value": "WellMail" }, @@ -6556,6 +6700,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "10c981cc-4ef1-4719-8ed7-c5e4c2f6c7a3", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "ee54fc1e-c574-4836-8cdb-992ac38cef32", "value": "Xbash" }, @@ -6792,6 +6945,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "ab4694d6-7043-41f2-b328-d93bec9c1b22", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "8eb9d4aa-257a-45eb-8c65-95c18500171c", "value": "AdWind" }, @@ -6805,6 +6967,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d08201b8-9774-41a1-abdb-c7f3828139b0", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "90cb8ee6-52e6-4d8d-8f45-f04b9aec1f6c", "value": "Adzok" }, @@ -6821,6 +6992,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d279bc1c-baa6-49aa-ab1b-7d012ae8db4e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "30a61fa9-4bd1-427d-9382-ff7c33bd7043", "value": "Banload" }, @@ -6951,6 +7131,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "8abd10df-2c31-4895-8ec1-270603078f47", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "ff24997d-1f17-4f00-b9b8-b3392146540f", "value": "jSpy" }, @@ -7017,6 +7206,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "c3a784ee-cef7-4604-a5ba-ec7b193a5152", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "ef385825-bfa1-4e8c-b368-522db78cf1bd", "value": "QRat" }, @@ -7130,6 +7328,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "81faf0c1-0595-436b-a66a-05d8b435bccd", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "fb75a753-24ba-4b58-b7ed-2e39b0c68c65", "value": "Bateleur" }, @@ -7323,6 +7530,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "cd32b19e-c365-4efc-9998-548e50e04a4c", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "cff35ce3-8d6f-417b-ae6c-a9e6a60ee26c", "value": "FAKEUPDATES" }, @@ -7346,6 +7562,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "0bdb6f1c-1229-4556-a535-7444ddfbd7a9", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "5b2569e5-aeb2-4708-889f-c6d598bd5e14", "value": "GootLoader" }, @@ -7612,6 +7837,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "7abd6950-7a07-4d9e-ade1-62414fa50619", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "3e46af39-52e8-442f-aff1-38eeb90336fc", "value": "NanHaiShu" }, @@ -8120,6 +8354,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "5bc62523-dc80-46b4-b5cb-9caf44c11552", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "74360d1e-8f85-44d1-8ce7-e76afb652142", "value": "CpuMeaner" }, @@ -8199,6 +8442,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "34688253-fea5-4770-bf96-55f45077c347", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a8e71805-014d-4998-b21e-3125da800124", "value": "DarthMiner" }, @@ -8376,6 +8628,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "6a6525b9-4656-4973-ab45-588592395d0c", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a517cdd1-6c82-4b29-bdd2-87e281227597", "value": "FruitFly" }, @@ -8461,6 +8722,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "c3c20c4b-e12a-42e5-960a-eea4644014f4", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "01325d85-297f-40d5-b829-df9bd996af5a", "value": "Janicab" }, @@ -8598,6 +8868,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "14f08f6f-7f58-48a8-8469-472244ffb571", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "910d3c78-1a9e-4600-a3ea-4aa5563f0f13", "value": "MacDownloader" }, @@ -8708,6 +8987,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "4e2f0af2-6d2d-4a49-adc9-fae3745fcb72", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "aa1bf4e5-9c44-42a2-84e5-7526e4349405", "value": "Mughthesec" }, @@ -8856,6 +9144,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "29e52693-b325-4c14-93de-8f2ff9dca8bf", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "70059ec2-9315-4af7-b65b-2ec35676a7bb", "value": "Pwnet" }, @@ -9507,6 +9804,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "0a339826-d5f8-11e8-b520-5b93fe65a08e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "0db05333-2214-49c3-b469-927788932aaa", "value": "GhostMiner" }, @@ -9523,6 +9829,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d8de6b56-9950-4389-83b8-4fc3262dc4c9", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "286a14a1-7113-4bed-97ce-8db41b312a51", "value": "JasperLoader" }, @@ -9725,6 +10040,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "5629bc84-58eb-42d9-adc6-cd0eeb08ccaf", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "c07f6484-0669-44b7-90e6-f642e316d277", "value": "PowerSpritz" }, @@ -10208,6 +10532,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d0394d50-5316-4405-aa77-1070bdf68b6a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "c752f295-7f08-4cb0-92d5-a0c562abd08c", "value": "LaZagne" }, @@ -10643,6 +10976,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "dd299e22-bf82-4317-8c81-c6b1f7514571", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "97f89048-2a57-48d5-9272-0d1061a14eca", "value": "lampion" }, @@ -10669,6 +11011,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "2bea2cc9-c1cc-453d-a483-541b895867d1", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e9afcd80-c1c6-4194-af32-133fe31e835f", "value": "MOUSEISLAND" }, @@ -11227,6 +11578,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "da079741-05e6-458c-b434-011263dc691c", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d9cc15f7-0880-4ae4-8df4-87c58338d6b8", "value": "Agent.BTZ" }, @@ -11354,6 +11714,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "f8cd62cb-b9d3-4352-8f46-0961cfde104c", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "b88e29cf-79d9-42bc-b369-0383b5e04380", "value": "Agent Tesla" }, @@ -11531,6 +11900,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "45de0d28-5a20-4190-ae21-68067e36e316", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a0881a0c-e677-495b-b475-290af09bb716", "value": "Alma Communicator" }, @@ -11837,6 +12215,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "588b97ff-3434-4aa1-a5fd-815e1bb0178b", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a180afcc-d42d-4600-b70f-af27aaf851b7", "value": "Anel" }, @@ -12531,6 +12918,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "316c87d4-4404-42ab-9887-f9e321aed93c", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e3065e43-503b-4496-921b-7601dd3d6abd", "value": "Auriga" }, @@ -12548,6 +12944,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "70c31066-237a-11e8-8eff-37ef1ad0c703", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "2f899e3e-1a46-43ea-8e68-140603ce943d", "value": "Aurora" }, @@ -12867,6 +13272,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "57b221bc-7ed6-4080-bc66-813d17009485", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "947dffa1-0184-48d4-998e-1899ad97e93e", "value": "Babar" }, @@ -12988,6 +13402,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "78ed653d-2d76-4a99-849e-1509e4573c32", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "8abdd40c-d79a-4353-80e3-29f8a4229a37", "value": "BabyShark" }, @@ -13060,6 +13483,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "cd6c5f27-cf7e-4529-ae9c-ab5b85102bde", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "23398248-a52a-4a7c-af10-262822d33a4e", "value": "backspace" }, @@ -13163,6 +13595,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "48ca79ff-ea36-4a47-8231-0f7f0db0e09e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "f28fa5ca-9466-410c-aa32-4bd102f3f0e1", "value": "BadNews" }, @@ -13311,6 +13752,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "fa9b2176-1248-4d59-8da2-c31c7501a81d", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "5c3c53ff-c81f-4daa-9b60-672650046ed7", "value": "bangat" }, @@ -13354,6 +13804,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "d9431c02-5391-11e8-931f-4beceb8bd697", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "bc67677c-c0e7-4fb1-8619-7f43fa3ff886", "value": "Bankshot" }, @@ -13652,6 +14111,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "066f8ad3-0c99-43eb-990c-8fae2c232f62", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "af338ac2-8103-4419-8393-fb4f3b43af4b", "value": "Bedep" }, @@ -13929,6 +14397,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "f1e05a12-ca50-41ab-a963-d7df5bcb141d", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "f98b4092-5f32-407c-9015-2da787d70c64", "value": "Biscuit" }, @@ -14241,6 +14718,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "5a22cad7-65fa-4b7a-a7aa-7915a6101efa", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "82c644ab-550a-4a83-9b35-d545f4719069", "value": "BlackEnergy" }, @@ -14482,6 +14968,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "8c3202d5-1671-46ec-9d42-cb50dbe2f667", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "0fb57d46-1c4f-49a3-80c2-05bcaa34ec1b", "value": "BlackShades" }, @@ -14745,6 +15240,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "9ff6e087-6755-447a-b537-8f06c7aa4a85", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "1b8cfb29-7a63-459a-bc90-c9ea3634b21c", "value": "Bookworm" }, @@ -14819,6 +15323,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "52d9a474-fc37-48b5-8e39-4394194b9573", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "80487bca-7629-4cb2-bf5b-993d5568b699", "value": "Bouncer" }, @@ -14834,6 +15347,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "cff2e174-52b8-4304-903a-012f97d70b7c", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "f9d0e934-879c-4668-b959-6bf7bdc96f5d", "value": "Bozok" }, @@ -14872,6 +15394,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "4c057ade-6989-11e8-9efd-ab33ed427468", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d97ae60e-612a-4feb-908a-8c4d32e9d763", "value": "Brambul" }, @@ -14981,6 +15512,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "e1ca79ea-5628-4266-bb36-3892c7126ef4", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "75a03c4f-8a97-4fc0-a69e-b2e73e4564fc", "value": "BrushaLoader" }, @@ -15190,6 +15730,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "6fc4beee-b922-4d25-833d-8fb574a3c56e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "fa47d59d-7251-468f-9d84-6e1ba21887db", "value": "BumbleBee" }, @@ -15360,6 +15909,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "38d6a0a1-0388-40d4-b8f4-1d58eeb9a07d", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "cad83c5e-2081-4ab4-81c7-32cfc16eae66", "value": "CadelSpy" }, @@ -15514,6 +16072,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "1d9fbf33-faea-40c1-b543-c7b39561f0ff", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "3d3da4c0-004c-400c-9da6-f83fd35d907e", "value": "Cardinal RAT" }, @@ -15554,6 +16121,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "63b3e6fb-9bb8-43dc-9cbf-7681b049b5d6", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "3198501e-0ff0-43b7-96f0-321b463ab656", "value": "Casper" }, @@ -15714,6 +16290,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a032460e-c54c-11e8-9965-43b7b6469a65", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "36f9a5e0-9a78-4b9a-9072-1596c91b59b6", "value": "Chainshot" }, @@ -16391,6 +16976,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "e81b96a2-22e9-445e-88c7-65b67c2299ec", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e4e15ab4-9ba6-444a-b154-2854757e792e", "value": "CMSTAR" }, @@ -16405,6 +16999,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "92628a72-c874-11e8-a094-ebbb3bd1f412", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "7acd9a27-f550-4c47-9fc8-429b61b04217", "value": "CoalaBot" }, @@ -17041,6 +17644,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "97f26fab-af0e-4da9-b4c1-aec70cace22d", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "1a1d3ea4-972e-4c48-8d85-08d9db8f1550", "value": "Cobalt Strike" }, @@ -17179,6 +17791,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "89bd2020-2594-45c4-8957-522c0ac41370", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "333e2e87-b9b0-4e2e-9ed9-7259c55a93db", "value": "Coinminer" }, @@ -17314,6 +17935,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "fa38b79c-9774-45a0-831c-24c6c8d39a22", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "2b71a966-da08-4467-a785-cb6abf2fa65e", "value": "Combos" }, @@ -17391,6 +18021,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "b2c2d42b-a6a3-4ab0-a013-eb1c7461aca9", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "541d5642-0648-4b5a-97b9-81110f273771", "value": "COMpfun" }, @@ -17701,6 +18340,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "63be3d30-0c8d-4c0a-8eee-6c96880734cb", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "9afa9b7e-e2c1-4725-8d8d-cec7933cc63b", "value": "CookieBag" }, @@ -17767,6 +18415,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "3948ce95-468e-4ce1-82b1-57439c6d6afd", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "579cc23d-4ba4-419f-bf8a-f235ed33125e", "value": "Coreshell" }, @@ -18552,6 +19209,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "f6e6540e-c21f-4202-ac46-185e735215db", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "062d8577-d6e6-4c97-bcac-eb6eb1a50a8d", "value": "CyberGate" }, @@ -18674,6 +19340,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "2a56538f-7c21-44b3-b438-5baa025ed005", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "92960f1f-5099-4e38-a177-14a5e3b8d601", "value": "Dairy" }, @@ -18780,6 +19455,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "15949ecb-1f2b-4f59-9cf7-5751694e8fba", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "5086a6e0-53b2-4d96-9eb3-a0237da2e591", "value": "DarkComet" }, @@ -18876,6 +19560,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "7e9f46aa-d5d1-11e8-b782-e71d52d8ac7c", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "1aecd6eb-80e2-4598-8504-d93f69c7a8f0", "value": "DarkPulsar" }, @@ -18890,6 +19583,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "c9e6e42a-65c0-418e-ab77-09bcdb1214a3", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "bcff979f-2b4b-41cc-86c9-fe1ea3adce6e", "value": "DarkRat" }, @@ -19299,6 +20001,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "57dd0828-79d7-11e8-a7d8-57db14e1ef24", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "cae8384d-b01b-4f9c-a31b-f693e12ea6b2", "value": "DDKONG" }, @@ -19492,6 +20203,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "c76874cd-0d73-4cbf-8d39-a066900dd4ce", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "17429ed4-6106-4a28-9a76-f19cd476d94b", "value": "Deprimon" }, @@ -19771,6 +20491,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "9fed4326-a7ad-4c58-ab87-90ac3957d82f", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "8f5ce8a6-c5fe-4c62-b25b-6ce0f3b724c5", "value": "Dimnie" }, @@ -20293,6 +21022,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "837a295c-15ff-41c0-9b7e-5f2fb502b00a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e6a077cb-42cc-4193-9006-9ceda8c0dff2", "value": "Downdelph" }, @@ -20492,6 +21230,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "276c2c2e-09da-44cf-a3f7-806b3feb41da", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "b4216929-1626-4444-bdd7-bfd4b68a766e", "value": "Dridex" }, @@ -20683,6 +21430,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "809b54c3-dd6a-4ec9-8c3a-a27b9baa6732", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "7344cee0-87c9-46a1-85aa-0d3c8c9c8cc6", "value": "DuQu" }, @@ -20701,6 +21457,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "ff692a4c-23ff-4e86-a03b-2de8d36bc98f", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "daa3d1e4-9265-4f1c-b1bd-9242ac570681", "value": "DUSTMAN" }, @@ -20951,6 +21716,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "c0ea7b89-d246-4eb7-8de4-b4e17e135051", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "eb189fd3-ca39-4bc7-be2d-4ea9e89d9ab9", "value": "Elirks" }, @@ -21025,6 +21799,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a8395aae-1496-417d-98ee-3ecbcd9a94a0", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "6bf7aa6a-3003-4222-805e-776cb86dc78a", "value": "Emdivi" }, @@ -21339,6 +22122,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "3f7616bd-f1de-46ee-87c2-43c0c2edaa28", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d29eb927-d53d-4af2-b6ce-17b3a1b34fe7", "value": "Emotet" }, @@ -21488,6 +22280,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "3e0c2d35-87cb-40f9-b341-a6c8dbec697e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "c4490972-3403-4043-9d61-899c0a440940", "value": "EquationDrug" }, @@ -21771,6 +22572,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "91583583-95c0-444e-8175-483cbebc640b", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "91af1080-6378-4a90-ba1e-78634cd31efe", "value": "EtumBot" }, @@ -21803,6 +22613,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "c9b4ec27-0a43-4671-a967-bcac5df0e056", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "438c6d0f-03f0-4b49-89d2-40bf5349c3fc", "value": "EvilGrab" }, @@ -22106,6 +22925,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "1e25d254-3f03-4752-b8d6-023a23e7d4ae", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "6d441619-c5f5-45ff-bc63-24cecd0b237e", "value": "Fanny" }, @@ -22267,6 +23095,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "372cdc12-d909-463c-877a-175f97f7abb5", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "66781866-f064-467d-925d-5e5f290352f0", "value": "Feodo" }, @@ -22407,6 +23244,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "968df869-7f60-4420-989f-23dfdbd58668", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "9ad28356-184c-4f02-89f5-1b70981598c3", "value": "Fireball" }, @@ -22460,6 +23306,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "6ef11b6e-d81a-465b-9dce-fab5c6fe807b", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "9715c6bc-4b1e-49a2-b1d8-db4f4c4f042c", "value": "FireMalv" }, @@ -22555,6 +23410,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "d7963066-62ed-4494-9b8c-4b8b691a7c82", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "c40dbede-490f-4df4-a242-a2461e3cfc4e", "value": "Flame" }, @@ -22664,6 +23528,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "8034978b-3a32-4662-b1bf-b525e59e469f", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "057ff707-a008-4ab8-8370-22b689ed3412", "value": "FlokiBot" }, @@ -22846,6 +23719,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "c7e7063b-b2a2-4046-8a19-94dea018eaa0", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "8378b417-605e-4196-b31f-a0c96d75aa50", "value": "Formbook" }, @@ -23403,6 +24285,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "5abd7dee-cca1-4bee-9b82-da3f9be2970b", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "6f155c95-3090-4730-8d3b-0b246162a83a", "value": "GetMail" }, @@ -23467,6 +24358,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "43a0d8a7-558d-4104-8a24-55e6e7a503db", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "ef4383f6-29fd-4b06-9a1f-b788567fd8fd", "value": "Ghole" }, @@ -23516,6 +24416,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "a68f1b43-c742-4f90-974d-2e74ec703e44", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "6201c337-1599-4ced-be9e-651a624c20be", "value": "GhostAdmin" }, @@ -23746,6 +24655,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a379f09b-5cec-4bdb-9735-125cef2de073", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "18208674-fe8c-447f-9e1d-9ff9a64b2370", "value": "GlooxMail" }, @@ -23882,6 +24800,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "4bc55eb3-7c92-4668-a75a-d5e291387613", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "7d89e8dc-4999-47e9-b497-b476e368a8d2", "value": "Goggles" }, @@ -23971,6 +24898,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "1e912590-c879-4a9c-81b9-2d31e82ac718", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "9a3429d7-e4a8-43c5-8786-0b3a1c841a5f", "value": "GoldMax" }, @@ -24124,6 +25060,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "07ffcf9f-b9c0-4b22-af4b-78527427e6f5", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "329efac7-922e-4d8b-90a9-4a87c3281753", "value": "GootKit" }, @@ -24755,6 +25700,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "ff0404a1-465f-4dd5-8b66-ee773628ca64", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "4166ab63-24b0-4448-92ea-21c8deef978d", "value": "Hancitor" }, @@ -24842,6 +25796,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d7183f66-59ec-4803-be20-237b442259fc", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "c04fc02e-f35a-44b6-a9b0-732bf2fc551a", "value": "Havex RAT" }, @@ -24921,6 +25884,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d2c1a439-585a-48bc-8176-c0c46dfac270", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "af8df5d7-cd8c-41ea-b9ec-b69ab7811e2d", "value": "HDRoot" }, @@ -24951,6 +25923,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "7c05c816-481f-499e-9545-d48b635dc2eb", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "9af26655-cfba-4e02-bd10-ad1a494e0b5f", "value": "Helauto" }, @@ -25350,6 +26331,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "06953055-92ed-4936-8ffd-d9d72ab6bef6", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "35fd4bd7-d510-40fd-b89c-8a1b10dbc3f1", "value": "HiKit" }, @@ -25693,6 +26683,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "f3bfe513-2a65-49b5-9d64-a66541dce697", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "3fb18a77-91ef-4c68-a9a9-fa6bdbea38e8", "value": "HTran" }, @@ -25713,6 +26712,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "08e2c9ef-aa62-429f-a6e5-e901ff6883cd", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "79f93d04-f6c8-4705-9395-7f575a61e82f", "value": "HttpBrowser" }, @@ -25853,6 +26861,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "e1bfe1d9-190c-4cf4-aec8-a8f2c41c7d8b", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "b7f1abd3-870b-42ca-9bd1-5931126c68d5", "value": "HyperBro" }, @@ -26443,6 +27460,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "10f50ef8-6e3b-11e8-a648-d73fb4d2f48e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "22755fda-497e-4ef0-823e-5cb6d8701420", "value": "InvisiMole" }, @@ -26709,6 +27735,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "b9707a57-d15f-4937-b022-52cc17f6783f", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a3f41c96-a5c8-4dfe-b7fa-d9d75f97979a", "value": "IsSpace" }, @@ -26932,6 +27967,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "673d05fa-4066-442c-bdb6-0c0a2da5ae62", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "8201c8d2-1dab-4473-bbdf-42952b3d5fc6", "value": "Joao" }, @@ -26958,6 +28002,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "4d4528ff-6260-4b5d-b2ea-6e11ca02c396", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "97f12ca8-dc84-4a8c-b4c6-8ec1d1e79631", "value": "Jolob" }, @@ -26985,6 +28038,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "05e2ccec-7050-47cf-b925-50907f57c639", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e895a0d2-fe4b-4793-9440-9db2d56a97f2", "value": "JripBot" }, @@ -27143,6 +28205,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "a9fc6d3d-09d5-45c3-a91e-e8c61ef37908", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a45c16d9-6945-428c-af46-0436903f9329", "value": "Karkoff" }, @@ -27197,6 +28268,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a5399473-859b-4c64-999b-a3b4070cd513", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "bab92070-3589-4b7e-bf05-4f54bfefc2ca", "value": "Kazuar" }, @@ -27379,6 +28459,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "74167065-90b3-4c29-807a-79b6f098e45b", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "28c13455-7f95-40a5-9568-1e8732503507", "value": "KeyBoy" }, @@ -27410,6 +28499,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "f7f53bb8-37ed-4bbe-9809-ca1594431536", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "0c213d7f-8c71-4341-aeb0-13be71fbf4e5", "value": "KEYMARBLE" }, @@ -27457,6 +28555,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "72b702d9-43c3-40b9-b004-8d0671225fb8", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "361d3f09-8bc8-4b5a-803f-8686cf346047", "value": "KHRAT" }, @@ -27531,6 +28638,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "3160f772-d458-4bff-970c-1c0431238803", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "61edd17b-322d-45dc-a6a0-31c13ec2338e", "value": "KimJongRat" }, @@ -27574,6 +28690,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a9467439-48d8-4f68-9519-560bb6430f0c", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "04d95343-fd44-471d-bfe7-908994a98ea7", "value": "Kingminer" }, @@ -27700,6 +28825,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "f9e0b922-253c-40fa-a6d2-e60ec9c6980b", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "3b5faa15-e87e-4aaf-b791-2c5e593793e6", "value": "Koadic" }, @@ -27759,6 +28893,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "24ee55e3-697f-482f-8fa8-d05999df40cd", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "f982fa2d-f78f-4fe1-a86d-d10471a3ebcf", "value": "Konni" }, @@ -28018,6 +29161,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "616c7c32-110e-4bb3-8e99-4c2aeb8f8272", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "1fc49b8c-647a-4484-a2f6-e6f2311f8b58", "value": "Kurton" }, @@ -28054,6 +29206,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d1e548b8-4793-11e8-8dea-6beff82cac0a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "2fc93875-eebb-41ff-a66e-84471c6cd5a3", "value": "Kwampirs" }, @@ -28121,6 +29282,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "635d260f-39d9-4d3f-99ec-d2560cb5d694", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "7fc74551-013f-4dd1-8da9-9266edcc45d0", "value": "LatentBot" }, @@ -28740,6 +29910,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "c740c46b-1d95-42b5-ac3d-2bbab071b859", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d2c111bf-ba0d-498a-8ca8-4cc508855872", "value": "LockPOS" }, @@ -28843,6 +30022,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "6d53a74e-c8a5-11e8-a123-332e4eaac9bb", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "15228ae0-26f9-44d8-8d6e-87b0bd2d2aba", "value": "LoJax" }, @@ -29196,6 +30384,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "fcece2f7-e0ef-44e0-aa9f-578c2a56f532", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "929112e4-e252-4273-b3c2-fd414cfb2776", "value": "Lurk" }, @@ -29656,6 +30853,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "25db921d-d753-4fb1-b51b-961d7fdae6f4", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "13b0d9ff-0be0-4539-8c86-dfca7a0e79f6", "value": "ManItsMe" }, @@ -29696,6 +30902,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "bf08965f-03a5-4cf6-83fb-8d3c9e9398ee", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "8a97307f-a029-4c43-88e1-debed2b80b14", "value": "MAPIget" }, @@ -29841,6 +31056,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "2214b113-6942-494f-94b7-576e74fccdb5", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e30f2243-9e69-4b09-97ab-1643929b97ad", "value": "Matanbuchus" }, @@ -30639,6 +31863,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "7d17dabf-a68e-4eda-a18f-26868ced8e73", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "185d8b28-0179-4ec6-a3c8-201b1936b9aa", "value": "Microcin" }, @@ -30863,6 +32096,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "7f3a035d-d83a-45b8-8111-412aa8ade802", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "588fb91d-59c6-4667-b299-94676d48b17b", "value": "MimiKatz" }, @@ -30909,6 +32151,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "ea9c7068-1c28-4826-a7d1-7ac04760e5c9", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a4f8bacf-2076-4e00-863c-874cdd833a41", "value": "MiniASP" }, @@ -31122,6 +32373,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "74bd8c09-73d5-4ad8-ab1f-e94a4853c936", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "6363cc2f-08f1-47a0-adbf-5cf19ea89ffd", "value": "MM Core" }, @@ -31336,6 +32596,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "aa3aa21f-bc4e-4fb6-acd2-f4b6de482dfe", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e0627961-fc28-4b7d-bb44-f937defa052a", "value": "mongall" }, @@ -31380,6 +32649,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "76ec1827-68a1-488f-9899-2b788ea8db64", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "8465177f-16c8-47fc-a4c8-f4c0409fe460", "value": "MoonWind" }, @@ -31957,6 +33235,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "73cb7ecc-25e3-11e8-a97b-c35ec4e7dcf8", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d8295eba-60ef-4900-8091-d694180de565", "value": "Nautilus" }, @@ -32047,6 +33334,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "97d34770-44cc-4ecb-bdce-ba11581c0e2a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "53ad08a6-cca9-401a-a6da-3c0bff2890eb", "value": "Necurs" }, @@ -32249,6 +33545,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "0ee08ab5-140c-44c3-9b0a-4a352500b14e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "3bb8052e-8ed2-48e3-a2cf-7358bae8c6b5", "value": "NETEAGLE" }, @@ -32349,6 +33654,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "59b70721-6fed-4805-afa5-4ff2554bef81", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "3a26ee44-3224-48f3-aefb-3978c972d928", "value": "NetTraveler" }, @@ -32425,6 +33739,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "5c2eeaec-25e3-11e8-9d28-7f64aba5b173", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "101c2c0e-c082-4b5a-b820-2da789e839d9", "value": "Neuron" }, @@ -32538,6 +33861,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "5abc6792-be17-48ee-a765-29cffa4242ee", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "1d32e7c3-840e-4247-b28b-818cb1c4ae7c", "value": "NewsReels" }, @@ -32556,6 +33888,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "c5e3766c-9527-47c3-94db-f10de2c56248", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "ec50a75e-81f0-48b3-b1df-215eac646421", "value": "NewCT" }, @@ -32837,6 +34178,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "a860d257-4a39-47ec-9230-94cac67ebf7e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "ff611c24-289e-4f2d-88d2-cfbf771a4e4b", "value": "NjRAT" }, @@ -32879,6 +34229,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "9e4fd0d3-9736-421c-b1e1-96c1d3665c80", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "f3cbe9ca-e65e-41af-8eb2-1e9877434124", "value": "Nokki" }, @@ -33037,6 +34396,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "d36f4834-b958-4f32-aff0-5263e0034408", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "9b5255c6-44e5-4ec3-bc03-7e00e220c937", "value": "Nymaim" }, @@ -33130,6 +34498,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d20f9a41-db27-4d53-995e-547f86ff3d1e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d8305201-9fec-4e6b-9eec-7ebb756364e2", "value": "OddJob" }, @@ -33161,6 +34538,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "e2fa7aea-fb33-4efc-b61b-ccae71b32e7d", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "045df65f-77fe-4880-af34-62ca33936c6e", "value": "Odinaff" }, @@ -33194,6 +34580,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "6d1e2736-d363-49aa-9054-9c9e4ac0c520", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "b79a6b61-f122-4823-a4ab-bbab89fcaf75", "value": "OLDBAIT" }, @@ -33232,6 +34627,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "76d5c7a2-73c3-11e8-bd92-db4d715af093", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "f3ba8a50-0105-4aa9-90b2-01df15f50b28", "value": "Olympic Destroyer" }, @@ -33454,6 +34858,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "1d46f816-d159-4457-b98e-c34307d90655", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "7fd96553-4c78-43de-824f-82645ed4fac5", "value": "Ordinypt" }, @@ -33756,6 +35169,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "2c215062-5739-4859-bd82-9639ae1d1756", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e43b67bc-3c16-4a69-b63d-f6bf3d732e1b", "value": "Pandora" }, @@ -34350,6 +35772,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "4859330d-c6a5-4b9c-b45b-536ec983cd4a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e2325481-006f-4ad4-86d9-1a2ae6fea154", "value": "pirpi" }, @@ -34415,6 +35846,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "58b24db2-79d7-11e8-9b1b-bbdbc798af4f", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "66087a9c-b5ac-4d6d-b79e-c0294728c876", "value": "PLAINTEE" }, @@ -34685,6 +36125,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "f4b159ea-97e5-483b-854b-c48a78d562aa", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "036bd099-fe80-46c2-9c4c-e5c6df8dcdee", "value": "PlugX" }, @@ -34827,6 +36276,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "2abe89de-46dd-4dae-ae22-b49a593aff54", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "7789fc1b-3cbc-4a1c-8ef0-8b06760f93e7", "value": "Poison Ivy" }, @@ -35248,6 +36706,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "1f1be19e-d1b5-408b-90a0-03ad27cc8924", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "606f778a-8b99-4880-8da8-b923651d627b", "value": "PowerRatankba" }, @@ -35297,6 +36764,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "67ade442-63f2-4319-bdcd-d2564b963ed6", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "00764634-4a21-4c5c-8b1f-fb294c9bdd3f", "value": "Prikormka" }, @@ -35311,6 +36787,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "523e8772-0610-424c-bcfb-9123bcb8328f", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a0899fec-161d-4ba8-9594-8b5620c21705", "value": "Prilex" }, @@ -36505,6 +37990,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "6c562458-7970-4d61-aded-1fe4a9002404", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "309f9be7-8824-4452-90b3-cef81fd10099", "value": "Raindrop" }, @@ -36812,6 +38306,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "70dc3e92-9b3b-4fc1-abd2-d98985d83225", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "34b3a45b-e522-4342-91c8-b6aad9817f99", "value": "Raspberry Robin" }, @@ -36836,6 +38339,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "64b3c66b-fc70-4b5a-83a9-866cde2ccb0b", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "eead20f5-6a30-4700-8d14-cfb2d42eaff0", "value": "Ratankba" }, @@ -36976,6 +38488,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "d357a6ff-00e5-4fcc-8b9e-4a9d98a736e7", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "69798a1e-1caf-4bc8-b4af-6508d8a26717", "value": "RDAT" }, @@ -37006,6 +38527,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "22b75148-9d58-4fa7-8459-6ef25bbaf759", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "826c31ca-2617-47e4-b236-205da3881182", "value": "Reaver" }, @@ -37066,6 +38596,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "179f7228-6fcf-4664-a084-57bd296d0cde", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a70e93a7-3578-47e1-9926-0818979ed866", "value": "RedLeaves" }, @@ -37278,6 +38817,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "2c62f08a-9bd9-11e8-9e20-db9ec0d2b277", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "9ee0eb87-7648-4581-b301-7472a48946ad", "value": "reGeorg" }, @@ -37298,6 +38846,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "0cf21558-1217-4d36-9536-2919cfd44825", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "4cbe9373-6b5e-42d0-9750-e0b7fc0d58bb", "value": "Regin" }, @@ -38465,6 +40022,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "a4036a28-3d94-11e8-ad9f-97ada3c6d5fb", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "8d984309-b7fa-4ccf-a6b7-da17283aae2f", "value": "Rovnix" }, @@ -38481,6 +40047,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "ac04d0b0-c6b5-4125-acd7-c58dfe7ad4cf", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "92d87656-5e5b-410c-bdb6-bf028324dc72", "value": "RoyalCli" }, @@ -38562,6 +40137,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d70bd6a8-5fd4-42e8-8e39-fb18daeccdb2", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "b88b50c0-3db9-4b8f-8564-4f56f991bee2", "value": "Ruckguv" }, @@ -39205,6 +40789,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "35849d8f-5bac-475b-82f8-7d555f37de12", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "bdc7cc9c-c46d-4f77-b903-2335cc1a3369", "value": "Sathurbot" }, @@ -39283,6 +40876,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "267bf78e-f430-47b6-8ba0-1ae31698c711", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e343583b-8338-42ea-af60-311578146151", "value": "Scieron" }, @@ -39310,6 +40912,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "5f0f6af2-b644-49a6-8f68-5d4ca58c989e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "b5d90140-f307-402c-9d7f-9cdf21a7cb31", "value": "Scranos" }, @@ -39390,6 +41001,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "7429aaf8-85a8-4ae9-b583-c7eec0f5b0cb", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d66f466a-e70e-4b62-9a04-d62eb41da15c", "value": "SeaSalt" }, @@ -39685,6 +41305,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "c1815516-aa2a-43d2-9136-78a8feb054b6", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "51728278-a95c-45a5-9ae0-9897d41d0efb", "value": "shadowhammer" }, @@ -39749,6 +41378,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "2448a4e1-46e3-4c42-9fd1-f51f8ede58c1", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e089e945-a523-4d11-a135-396f9b6c1dc7", "value": "ShadowPad" }, @@ -39805,6 +41443,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "9ea6d29e-00a7-4042-9bc5-31b1adeee6ec", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d00c8f94-d6b5-40b7-b167-fc546c5dec38", "value": "Shark" }, @@ -39834,6 +41481,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "203fd529-6382-417e-a68f-7565fbf89ece", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d31f1c73-d14b-41e2-bb16-81ee1d886e43", "value": "SHARPKNOT" }, @@ -39925,6 +41581,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "67d712c8-d254-4820-83fa-9a892b87923b", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "6e668c0c-7085-4951-87d4-0334b6a5cdb3", "value": "Shifu" }, @@ -40160,6 +41825,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "304fd753-c917-4008-8f85-81390c37a070", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "0df52c23-690b-4703-83f7-5befc38ab376", "value": "Silence" }, @@ -40784,6 +42458,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "75b01a1e-3269-4f4c-bdba-37af4e9c3f54", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "4f3ad937-bf2f-40cb-9695-a2bedfd41bfa", "value": "Snifula" }, @@ -41417,6 +43100,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "50eb8c54-5828-11e8-8d6b-232bb9329fc0", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "8c38460b-fcfd-434e-b258-875854c6aff6", "value": "StalinLocker" }, @@ -41469,6 +43161,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d0220108-48d7-4056-babc-189048f37a59", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "6df9bbd4-ab32-4d09-afdb-97eed274520a", "value": "StarsyPound" }, @@ -41735,6 +43436,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "1b63293f-13f0-4c25-9bf6-6ebc023fc8ff", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "6ad84f52-0025-4a9d-861a-65c870f47988", "value": "Stuxnet" }, @@ -42045,6 +43755,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "80365d3a-6d46-4195-a772-364749a6dc06", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a51b82ba-7e32-4a8e-b5d0-8d0441bdcce4", "value": "SunOrcal" }, @@ -42059,6 +43778,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "54c03b3c-6f97-46ea-a93f-f07bfd5cdd36", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a89f7e01-b049-4d09-aca3-ce19d91c4544", "value": "SunSeed" }, @@ -42127,6 +43855,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "dd919e75-57e8-4e5c-9451-8be6e734f1f3", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "8666afcc-8cc2-4856-83de-b7e8b4309367", "value": "surtr" }, @@ -42167,6 +43904,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "96fb29fa-7c3a-4124-baf5-cc5f99b2a05f", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "2112870f-06f1-44a9-9c43-6cc4fb90e295", "value": "Sword" }, @@ -42425,6 +44171,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d5a4cbe7-81c9-4a52-80ee-07ca3f625844", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "48aa9c41-f420-418b-975c-1fb6e2a91145", "value": "TabMsgSQL" }, @@ -42449,6 +44204,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "cda7d605-23d0-4f93-a585-1276f094c04a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "94323b32-9566-450b-8480-5f9f53b57948", "value": "taidoor" }, @@ -42501,6 +44265,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "b7b4c682-090b-4da2-abc2-541fd3157579", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "71e77349-98f5-49c6-bff7-6ed3b3d79410", "value": "Tapaoux" }, @@ -42675,6 +44448,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "aba3fd7d-87cc-4266-82a1-d458ae299266", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "efa01fef-7faf-4bb2-8630-b3a237df882a", "value": "TEARDROP" }, @@ -43122,6 +44904,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "75f53ead-1aee-4f91-8cb9-b4170d747cfc", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "5eee35b6-bd21-4b67-b198-e9320fcf2c88", "value": "Tinba" }, @@ -43204,6 +44995,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "1b591586-e1ef-4a32-8dae-791aca5ddf41", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d2414f4a-1eda-4d80-84d3-ed130ca14e3c", "value": "TinyTyphon" }, @@ -43219,6 +45019,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "e2cc27a2-4146-4f08-8e80-114a99204cea", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "b933634f-81d0-41ef-bf2f-ea646fc9e59c", "value": "TinyZbot" }, @@ -44774,6 +46583,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "99d9110d-85a4-4819-9f85-05e4b73aa5f3", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "925390a6-f88d-46dc-96ae-4ebc9f0b50b0", "value": "Upatre" }, @@ -44970,6 +46788,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "e95dd1ba-7485-4c02-bf2e-14beedbcf053", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "b662c253-5c87-4ae6-a30e-541db0845f67", "value": "Vawtrak" }, @@ -45342,6 +47169,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "0a52e73b-d7e9-45ae-9bda-46568f753931", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "bbfd4fb4-3e5a-43bf-b4bb-eaf5ef4fb25f", "value": "Volgmer" }, @@ -45663,6 +47499,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "2d8043b4-48ef-4992-a04a-c342cbbb4f87", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e57c677f-0117-4e23-8c3f-a772ed809f4c", "value": "WebC2-AdSpace" }, @@ -45676,6 +47521,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "e2a27431-28ea-42e3-a0cc-72f29828c292", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "64f5ae85-1324-43de-ba3a-063785567be0", "value": "WebC2-Ausov" }, @@ -45689,6 +47543,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a601e1b0-c0bc-4665-9639-4dc5e588520c", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "71292a08-9a7b-4df1-b1fd-7d80a8fcc18f", "value": "WebC2-Bolid" }, @@ -45702,6 +47565,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "950a8038-eeec-44a0-b3db-a557e5796416", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "5371bc44-dc07-4992-a3d7-c21705c50ac4", "value": "WebC2-Cson" }, @@ -45715,6 +47587,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "54be66ea-fd26-4f25-b4af-d10d16fa919f", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "acdda3e5-e776-419b-b060-14f3406de061", "value": "WebC2-DIV" }, @@ -45728,6 +47609,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "bfe69071-17bf-466f-97fd-669b72053137", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "cfed10ed-6601-469e-a1df-2d561b031244", "value": "WebC2-GreenCat" }, @@ -45741,6 +47631,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "4ef97a7e-5686-44cb-ad91-7a393f32f39b", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "f9f37707-36cf-4ad0-88e0-86f47cbe0ed6", "value": "WebC2-Head" }, @@ -45754,6 +47653,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "e2afc267-9674-4ca3-807f-47678fb40da4", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "15094548-7555-43ee-8c0d-4557d6d8a087", "value": "WebC2-Kt3" }, @@ -45767,6 +47675,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "84f3bacf-abd5-445e-a98a-5b02f1eaac92", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "71d8ef43-3767-494b-afaa-f58aad70df65", "value": "WebC2-Qbp" }, @@ -45780,6 +47697,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "9e36feee-e7d2-400a-960e-5f2bd6ac0c15", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "5350bf3a-26b0-49fb-a0b8-dd68933ea78c", "value": "WebC2-Rave" }, @@ -45793,6 +47719,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "269fee27-f275-44e9-a0db-bebf14d2f83c", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "1035ea6f-6743-4e69-861c-454c19ec96ae", "value": "WebC2-Table" }, @@ -45806,6 +47741,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d155c213-02bd-4992-a410-a541a1c1eb40", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "b459033c-2d19-49aa-a21f-44a01d1a4156", "value": "WebC2-UGX" }, @@ -45819,6 +47763,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d49f372e-c4ee-47bd-bc98-e3877fabaf9e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "52c1518d-175c-4b39-bc7c-353d2ddf382e", "value": "WebC2-Yahoo" }, @@ -45879,6 +47832,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "4fe80228-1142-4e70-9df8-c8f1f3356cfb", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d84ebd91-58f6-459f-96a1-d028a1719914", "value": "WellMess" }, @@ -46193,6 +48155,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "36c0faf0-428e-4e7f-93c5-824bb0495ac9", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "6b6cf608-cc2c-40d7-8500-afca3e35e7e4", "value": "Wipbot" }, @@ -46760,6 +48731,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "2a16a1d4-a098-4f17-80f3-3cfc6c60b539", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a673b4fb-a864-4a5b-94ab-3fc4f5606cc8", "value": "Yahoyah" }, @@ -47062,6 +49042,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "8a2ae47a-c7b2-11e8-b223-ab4d8f78f3ef", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "973124e2-0d84-4be5-9c8e-3ff16bb43b42", "value": "Zebrocy" }, @@ -47181,6 +49170,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "40fdcaac-a733-4088-9058-7b15a415b943", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a7e1429f-55bd-41ac-bf45-70c93465d113", "value": "ZeroCleare" }, @@ -47220,6 +49218,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "ff00fa92-b32e-46b6-88ca-98357ebe3f54", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "9b0aa458-dfa9-48af-87ea-c36d1501376c", "value": "ZeroT" }, @@ -47272,6 +49279,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "0ce448de-c2bb-4c6e-9ad7-c4030f02b4d7", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "4e8c1ab7-2841-4823-a5d1-39284fb0969a", "value": "Zeus" }, @@ -47625,6 +49641,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "5b9dc67e-bae4-44f3-b58d-6d842a744104", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "23920e3b-246a-4172-bf9b-5e9f90510a15", "value": "ZXShell" }, @@ -47659,5 +49684,5 @@ "value": "Zyklon" } ], - "version": 15975 + "version": 15976 } diff --git a/clusters/mitre-ics-groups.json b/clusters/mitre-ics-groups.json index cc8d30f..7285382 100644 --- a/clusters/mitre-ics-groups.json +++ b/clusters/mitre-ics-groups.json @@ -29,6 +29,15 @@ "https://www.eisac.com/public-news-detail?id=115909" ] }, + "related": [ + { + "dest-uuid": "a9000eaf-2b75-4ec7-8dcf-fe1bb5c77470", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "fd28d200-2f1f-464a-af1f-fcadac7640a1", "value": "ALLANITE" }, @@ -54,6 +63,15 @@ "https://www.symantec.com/security-center/writeup/2017-030708-4403-99" ] }, + "related": [ + { + "dest-uuid": "4f69ec6d-cb6b-42af-b8e2-920a2aa4be10", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "8f6f8a49-8a22-4494-a4c0-5a341444339a", "value": "APT33" }, @@ -162,6 +180,15 @@ "https://www.symantec.com/connect/blogs/wannacry-ransomware-attacks-show-strong-links-lazarus-group" ] }, + "related": [ + { + "dest-uuid": "68391641-859f-4a9a-9a1e-3e5cf71ec376", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "3bbf3f0f-346d-49ad-9300-3bb0f23c83ef", "value": "Lazarus group" }, @@ -205,6 +232,15 @@ "https://www.cyberviser.com/2018/05/group-linked-to-shamoon-attacks-targeting-ics-networks-in-middle-east-and-uk/" ] }, + "related": [ + { + "dest-uuid": "42be2a84-5a5c-4c6d-9864-3f09d75bb0ba", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "4945c0e7-9f4b-404d-83b2-e5cd3f26c32f", "value": "OilRig" }, @@ -235,6 +271,15 @@ "https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/" ] }, + "related": [ + { + "dest-uuid": "f512de42-f76b-40d2-9923-59e7dbdfec35", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "b4fbf3b0-1a5e-4bdc-8977-74fff1db19ff", "value": "Sandworm" }, @@ -266,5 +311,5 @@ "value": "XENOTIME" } ], - "version": 1 + "version": 2 } diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index 03381ac..77832d2 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -1839,6 +1839,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "8f6f8a49-8a22-4494-a4c0-5a341444339a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "4f69ec6d-cb6b-42af-b8e2-920a2aa4be10", @@ -2661,6 +2668,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "b4fbf3b0-1a5e-4bdc-8977-74fff1db19ff", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "f512de42-f76b-40d2-9923-59e7dbdfec35", @@ -3020,6 +3034,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "linked-to" + }, + { + "dest-uuid": "3bbf3f0f-346d-49ad-9300-3bb0f23c83ef", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "68391641-859f-4a9a-9a1e-3e5cf71ec376", @@ -3759,6 +3780,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "4945c0e7-9f4b-404d-83b2-e5cd3f26c32f", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "42be2a84-5a5c-4c6d-9864-3f09d75bb0ba", @@ -5862,6 +5890,15 @@ ], "victimology": "Electric utilities, US and UK" }, + "related": [ + { + "dest-uuid": "fd28d200-2f1f-464a-af1f-fcadac7640a1", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a9000eaf-2b75-4ec7-8dcf-fe1bb5c77470", "value": "ALLANITE" }, @@ -11044,5 +11081,5 @@ "value": "Anonymous Sudan" } ], - "version": 267 + "version": 268 } diff --git a/clusters/tool.json b/clusters/tool.json index 76d1f62..3525ebe 100644 --- a/clusters/tool.json +++ b/clusters/tool.json @@ -122,6 +122,15 @@ "HackTool" ] }, + "related": [ + { + "dest-uuid": "c752f295-7f08-4cb0-92d5-a0c562abd08c", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d0394d50-5316-4405-aa77-1070bdf68b6a", "value": "Lazagne" }, @@ -720,6 +729,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "588fb91d-59c6-4667-b299-94676d48b17b", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "7f3a035d-d83a-45b8-8111-412aa8ade802", @@ -769,6 +785,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "e2325481-006f-4ad4-86d9-1a2ae6fea154", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "4859330d-c6a5-4b9c-b45b-536ec983cd4a", @@ -817,6 +840,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "23398248-a52a-4a7c-af10-262822d33a4e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "cd6c5f27-cf7e-4529-ae9c-ab5b85102bde", @@ -851,6 +881,15 @@ "Backdoor" ] }, + "related": [ + { + "dest-uuid": "3bb8052e-8ed2-48e3-a2cf-7358bae8c6b5", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "0ee08ab5-140c-44c3-9b0a-4a352500b14e", "value": "Neteagle" }, @@ -1014,6 +1053,15 @@ "WinSpy" ] }, + "related": [ + { + "dest-uuid": "cad83c5e-2081-4ab4-81c7-32cfc16eae66", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "38d6a0a1-0388-40d4-b8f4-1d58eeb9a07d", "value": "Cadelspy" }, @@ -1023,6 +1071,15 @@ "http://researchcenter.paloaltonetworks.com/2016/03/digital-quartermaster-scenario-demonstrated-in-attacks-against-the-mongolian-government/" ] }, + "related": [ + { + "dest-uuid": "e4e15ab4-9ba6-444a-b154-2854757e792e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e81b96a2-22e9-445e-88c7-65b67c2299ec", "value": "CMStar" }, @@ -1110,6 +1167,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "0fb57d46-1c4f-49a3-80c2-05bcaa34ec1b", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "8c3202d5-1671-46ec-9d42-cb50dbe2f667", @@ -1378,6 +1442,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "b79a6b61-f122-4823-a4ab-bbab89fcaf75", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "6d1e2736-d363-49aa-9054-9c9e4ac0c520", @@ -1456,6 +1527,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "579cc23d-4ba4-419f-bf8a-f235ed33125e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "3948ce95-468e-4ce1-82b1-57439c6d6afd", @@ -1519,10 +1597,28 @@ "value": "TinyTyphon" }, { + "related": [ + { + "dest-uuid": "f28fa5ca-9466-410c-aa32-4bd102f3f0e1", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "48ca79ff-ea36-4a47-8231-0f7f0db0e09e", "value": "Badnews" }, { + "related": [ + { + "dest-uuid": "929112e4-e252-4273-b3c2-fd414cfb2776", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "fcece2f7-e0ef-44e0-aa9f-578c2a56f532", "value": "LURK" }, @@ -1555,12 +1651,28 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "b933634f-81d0-41ef-bf2f-ea646fc9e59c", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "e2cc27a2-4146-4f08-8e80-114a99204cea", "value": "TinyZBot" }, { + "related": [ + { + "dest-uuid": "ef4383f6-29fd-4b06-9a1f-b788567fd8fd", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "43a0d8a7-558d-4104-8a24-55e6e7a503db", "value": "GHOLE" }, @@ -1619,6 +1731,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "7344cee0-87c9-46a1-85aa-0d3c8c9c8cc6", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "809b54c3-dd6a-4ec9-8c3a-a27b9baa6732", @@ -1632,6 +1751,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "c40dbede-490f-4df4-a242-a2461e3cfc4e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "d7963066-62ed-4494-9b8c-4b8b691a7c82", @@ -1809,6 +1935,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "94323b32-9566-450b-8480-5f9f53b57948", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "cda7d605-23d0-4f93-a585-1276f094c04a", @@ -1833,6 +1966,15 @@ "value": "Rekaf" }, { + "related": [ + { + "dest-uuid": "e343583b-8338-42ea-af60-311578146151", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "267bf78e-f430-47b6-8ba0-1ae31698c711", "value": "Scieron" }, @@ -1908,6 +2050,15 @@ "https://www.fireeye.com/blog/threat-research/2014/09/the-path-to-mass-producing-cyber-attacks.html" ] }, + "related": [ + { + "dest-uuid": "e0627961-fc28-4b7d-bb44-f937defa052a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "aa3aa21f-bc4e-4fb6-acd2-f4b6de482dfe", "value": "Mongall" }, @@ -1976,6 +2127,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "01325d85-297f-40d5-b829-df9bd996af5a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "c3c20c4b-e12a-42e5-960a-eea4644014f4", @@ -1990,6 +2148,15 @@ "Jiripbot" ] }, + "related": [ + { + "dest-uuid": "e895a0d2-fe4b-4793-9440-9db2d56a97f2", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "05e2ccec-7050-47cf-b925-50907f57c639", "value": "Jripbot" }, @@ -2102,6 +2269,15 @@ "HTran" ] }, + "related": [ + { + "dest-uuid": "3fb18a77-91ef-4c68-a9a9-fa6bdbea38e8", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "f3bfe513-2a65-49b5-9d64-a66541dce697", "value": "Htran" }, @@ -2121,6 +2297,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "79f93d04-f6c8-4705-9395-7f575a61e82f", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "08e2c9ef-aa62-429f-a6e5-e901ff6883cd", @@ -2249,6 +2432,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "91af1080-6378-4a90-ba1e-78634cd31efe", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "91583583-95c0-444e-8175-483cbebc640b", @@ -2285,6 +2475,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "35fd4bd7-d510-40fd-b89c-8a1b10dbc3f1", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "06953055-92ed-4936-8ffd-d9d72ab6bef6", @@ -2369,6 +2566,15 @@ "http://williamshowalter.com/a-universal-windows-bootkit/" ] }, + "related": [ + { + "dest-uuid": "af8df5d7-cd8c-41ea-b9ec-b69ab7811e2d", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d2c1a439-585a-48bc-8176-c0c46dfac270", "value": "HDRoot" }, @@ -2563,6 +2769,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "00764634-4a21-4c5c-8b1f-fb294c9bdd3f", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "67ade442-63f2-4319-bdcd-d2564b963ed6", @@ -2582,6 +2795,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "3e46af39-52e8-442f-aff1-38eeb90336fc", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "7abd6950-7a07-4d9e-ade1-62414fa50619", @@ -3109,10 +3329,28 @@ "PureMasuta" ] }, + "related": [ + { + "dest-uuid": "b9168ff8-01df-4cd0-9f70-fe9e7a11eccd", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "1d4dec2c-915a-4fef-ba7a-633421bd0848", "value": "Masuta" }, { + "related": [ + { + "dest-uuid": "81917a93-6a70-4334-afe2-56904c1fafe9", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "55f8fb60-6339-4bc2-baa0-41e698e11f95", "value": "BASHLITE" }, @@ -3379,6 +3617,15 @@ "Floki" ] }, + "related": [ + { + "dest-uuid": "057ff707-a008-4ab8-8370-22b689ed3412", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "8034978b-3a32-4662-b1bf-b525e59e469f", "value": "Flokibot" }, @@ -3437,6 +3684,15 @@ "Backdoor" ] }, + "related": [ + { + "dest-uuid": "90cb8ee6-52e6-4d8d-8f45-f04b9aec1f6c", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d08201b8-9774-41a1-abdb-c7f3828139b0", "value": "adzok" }, @@ -3502,6 +3758,15 @@ "Backdoor" ] }, + "related": [ + { + "dest-uuid": "f9d0e934-879c-4668-b959-6bf7bdc96f5d", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "cff2e174-52b8-4304-903a-012f97d70b7c", "value": "bozok" }, @@ -3528,6 +3793,15 @@ "Backdoor" ] }, + "related": [ + { + "dest-uuid": "062d8577-d6e6-4c97-bcac-eb6eb1a50a8d", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "f6e6540e-c21f-4202-ac46-185e735215db", "value": "cybergate" }, @@ -3548,6 +3822,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "used-by" + }, + { + "dest-uuid": "5086a6e0-53b2-4d96-9eb3-a0237da2e591", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "15949ecb-1f2b-4f59-9cf7-5751694e8fba", @@ -3563,6 +3844,15 @@ "Backdoor" ] }, + "related": [ + { + "dest-uuid": "bcff979f-2b4b-41cc-86c9-fe1ea3adce6e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "c9e6e42a-65c0-418e-ab77-09bcdb1214a3", "value": "darkrat" }, @@ -3663,6 +3953,15 @@ "Backdoor" ] }, + "related": [ + { + "dest-uuid": "e43b67bc-3c16-4a69-b63d-f6bf3d732e1b", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "2c215062-5739-4859-bd82-9639ae1d1756", "value": "pandora" }, @@ -3752,6 +4051,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "ef385825-bfa1-4e8c-b368-522db78cf1bd", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "c3a784ee-cef7-4604-a5ba-ec7b193a5152", @@ -3819,6 +4125,15 @@ "Backdoor" ] }, + "related": [ + { + "dest-uuid": "71e77349-98f5-49c6-bff7-6ed3b3d79410", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "b7b4c682-090b-4da2-abc2-541fd3157579", "value": "tapaoux" }, @@ -3897,6 +4212,15 @@ "Backdoor" ] }, + "related": [ + { + "dest-uuid": "ff24997d-1f17-4f00-b9b8-b3392146540f", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "8abd10df-2c31-4895-8ec1-270603078f47", "value": "jspy" }, @@ -3910,6 +4234,15 @@ "Backdoor" ] }, + "related": [ + { + "dest-uuid": "a8f167a8-30b9-4953-8eb6-247f0d046d32", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "c76e2ee8-52d1-4a55-81df-5542d232ca32", "value": "xrat" }, @@ -4068,6 +4401,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "e3065e43-503b-4496-921b-7601dd3d6abd", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "316c87d4-4404-42ab-9887-f9e321aed93c", "value": "AURIGA" }, @@ -4078,6 +4420,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "5c3c53ff-c81f-4daa-9b60-672650046ed7", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "fa9b2176-1248-4d59-8da2-c31c7501a81d", "value": "BANGAT" }, @@ -4095,6 +4446,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "f98b4092-5f32-407c-9015-2da787d70c64", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "f1e05a12-ca50-41ab-a963-d7df5bcb141d", @@ -4107,6 +4465,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "80487bca-7629-4cb2-bf5b-993d5568b699", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "52d9a474-fc37-48b5-8e39-4394194b9573", "value": "BOUNCER" }, @@ -4136,6 +4503,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "2b71a966-da08-4467-a785-cb6abf2fa65e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "fa38b79c-9774-45a0-831c-24c6c8d39a22", "value": "COMBOS" }, @@ -4149,6 +4525,15 @@ "TROJAN.COOKIES" ] }, + "related": [ + { + "dest-uuid": "9afa9b7e-e2c1-4725-8d8d-cec7933cc63b", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "63be3d30-0c8d-4c0a-8eee-6c96880734cb", "value": "COOKIEBAG" }, @@ -4159,6 +4544,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "92960f1f-5099-4e38-a177-14a5e3b8d601", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "2a56538f-7c21-44b3-b438-5baa025ed005", "value": "DAIRY" }, @@ -4169,6 +4563,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "6f155c95-3090-4730-8d3b-0b246162a83a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "5abd7dee-cca1-4bee-9b82-da3f9be2970b", "value": "GETMAIL" }, @@ -4199,6 +4602,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "18208674-fe8c-447f-9e1d-9ff9a64b2370", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "a379f09b-5cec-4bdb-9735-125cef2de073", @@ -4214,6 +4624,15 @@ "TROJAN.FOXY" ] }, + "related": [ + { + "dest-uuid": "7d89e8dc-4999-47e9-b497-b476e368a8d2", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "4bc55eb3-7c92-4668-a75a-d5e291387613", "value": "GOGGLES" }, @@ -4244,6 +4663,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "9af26655-cfba-4e02-bd10-ad1a494e0b5f", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "7c05c816-481f-499e-9545-d48b635dc2eb", "value": "HELAUTO" }, @@ -4254,6 +4682,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "1fc49b8c-647a-4484-a2f6-e6f2311f8b58", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "616c7c32-110e-4bb3-8e99-4c2aeb8f8272", "value": "KURTON" }, @@ -4294,6 +4731,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "13b0d9ff-0be0-4539-8c86-dfca7a0e79f6", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "25db921d-d753-4fb1-b51b-961d7fdae6f4", "value": "MANITSME" }, @@ -4305,6 +4751,15 @@ "http://contagiodump.blogspot.com/2010/06/these-days-i-see-spike-in-number-of.html" ] }, + "related": [ + { + "dest-uuid": "8a97307f-a029-4c43-88e1-debed2b80b14", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "bf08965f-03a5-4cf6-83fb-8d3c9e9398ee", "value": "MAPIGET" }, @@ -4315,6 +4770,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "a4f8bacf-2076-4e00-863c-874cdd833a41", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "ea9c7068-1c28-4826-a7d1-7ac04760e5c9", "value": "MINIASP" }, @@ -4325,6 +4789,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "1d32e7c3-840e-4247-b28b-818cb1c4ae7c", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "5abc6792-be17-48ee-a765-29cffa4242ee", "value": "NEWSREELS" }, @@ -4335,6 +4808,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "d66f466a-e70e-4b62-9a04-d62eb41da15c", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "7429aaf8-85a8-4ae9-b583-c7eec0f5b0cb", "value": "SEASALT" }, @@ -4345,6 +4827,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "6df9bbd4-ab32-4d09-afdb-97eed274520a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d0220108-48d7-4056-babc-189048f37a59", "value": "STARSYPOUND" }, @@ -4355,6 +4846,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "2112870f-06f1-44a9-9c43-6cc4fb90e295", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "96fb29fa-7c3a-4124-baf5-cc5f99b2a05f", "value": "SWORD" }, @@ -4368,6 +4868,15 @@ "TROJAN LETSGO" ] }, + "related": [ + { + "dest-uuid": "48aa9c41-f420-418b-975c-1fb6e2a91145", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d5a4cbe7-81c9-4a52-80ee-07ca3f625844", "value": "TABMSGSQL" }, @@ -4408,6 +4917,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "e57c677f-0117-4e23-8c3f-a772ed809f4c", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "2d8043b4-48ef-4992-a04a-c342cbbb4f87", "value": "WEBC2-ADSPACE" }, @@ -4418,6 +4936,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "64f5ae85-1324-43de-ba3a-063785567be0", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e2a27431-28ea-42e3-a0cc-72f29828c292", "value": "WEBC2-AUSOV" }, @@ -4428,6 +4955,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "71292a08-9a7b-4df1-b1fd-7d80a8fcc18f", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a601e1b0-c0bc-4665-9639-4dc5e588520c", "value": "WEBC2-BOLID" }, @@ -4448,6 +4984,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "5371bc44-dc07-4992-a3d7-c21705c50ac4", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "950a8038-eeec-44a0-b3db-a557e5796416", "value": "WEBC2-CSON" }, @@ -4458,6 +5003,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "acdda3e5-e776-419b-b060-14f3406de061", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "54be66ea-fd26-4f25-b4af-d10d16fa919f", "value": "WEBC2-DIV" }, @@ -4468,6 +5022,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "cfed10ed-6601-469e-a1df-2d561b031244", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "bfe69071-17bf-466f-97fd-669b72053137", "value": "WEBC2-GREENCAT" }, @@ -4478,6 +5041,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "f9f37707-36cf-4ad0-88e0-86f47cbe0ed6", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "4ef97a7e-5686-44cb-ad91-7a393f32f39b", "value": "WEBC2-HEAD" }, @@ -4488,6 +5060,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "15094548-7555-43ee-8c0d-4557d6d8a087", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e2afc267-9674-4ca3-807f-47678fb40da4", "value": "WEBC2-KT3" }, @@ -4498,6 +5079,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "71d8ef43-3767-494b-afaa-f58aad70df65", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "84f3bacf-abd5-445e-a98a-5b02f1eaac92", "value": "WEBC2-QBP" }, @@ -4508,6 +5098,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "5350bf3a-26b0-49fb-a0b8-dd68933ea78c", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "9e36feee-e7d2-400a-960e-5f2bd6ac0c15", "value": "WEBC2-RAVE" }, @@ -4518,6 +5117,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "1035ea6f-6743-4e69-861c-454c19ec96ae", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "269fee27-f275-44e9-a0db-bebf14d2f83c", "value": "WEBC2-TABLE" }, @@ -4538,6 +5146,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "b459033c-2d19-49aa-a21f-44a01d1a4156", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d155c213-02bd-4992-a410-a541a1c1eb40", "value": "WEBC2-UGX" }, @@ -4558,6 +5175,15 @@ "http://contagiodump.blogspot.lu/2013/03/mandiant-apt1-samples-categorized-by.html" ] }, + "related": [ + { + "dest-uuid": "52c1518d-175c-4b39-bc7c-353d2ddf382e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d49f372e-c4ee-47bd-bc98-e3877fabaf9e", "value": "WEBC2-YAHOO" }, @@ -4688,6 +5314,15 @@ "https://www.fireeye.com/blog/threat-research/2017/04/cve-2017-0199_useda.html" ] }, + "related": [ + { + "dest-uuid": "7fc74551-013f-4dd1-8da9-9266edcc45d0", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "635d260f-39d9-4d3f-99ec-d2560cb5d694", "value": "LATENTBOT" }, @@ -4951,6 +5586,15 @@ "https://github.com/misterch0c/shadowbroker" ] }, + "related": [ + { + "dest-uuid": "d8305201-9fec-4e6b-9eec-7ebb756364e2", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d20f9a41-db27-4d53-995e-547f86ff3d1e", "value": "ODDJOB" }, @@ -5026,6 +5670,15 @@ "https://www.fireeye.com/blog/threat-research/2010/10/feodosoff-a-new-botnet-on-the-rise.html" ] }, + "related": [ + { + "dest-uuid": "66781866-f064-467d-925d-5e5f290352f0", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "372cdc12-d909-463c-877a-175f97f7abb5", "value": "feodo" }, @@ -5043,6 +5696,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "3d3da4c0-004c-400c-9da6-f83fd35d907e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "1d9fbf33-faea-40c1-b543-c7b39561f0ff", @@ -5055,6 +5715,15 @@ "https://www.us-cert.gov/ncas/alerts/TA17-117A" ] }, + "related": [ + { + "dest-uuid": "a70e93a7-3578-47e1-9926-0818979ed866", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "179f7228-6fcf-4664-a084-57bd296d0cde", "value": "REDLEAVES" }, @@ -5139,6 +5808,15 @@ "https://securingtomorrow.mcafee.com/mcafee-labs/banload-trojan-targets-brazilians-with-malware-downloads/" ] }, + "related": [ + { + "dest-uuid": "30a61fa9-4bd1-427d-9382-ff7c33bd7043", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d279bc1c-baa6-49aa-ab1b-7d012ae8db4e", "value": "Banload" }, @@ -5178,6 +5856,15 @@ "https://www.arbornetworks.com/blog/asert/lockpos-joins-flock/" ] }, + "related": [ + { + "dest-uuid": "d2c111bf-ba0d-498a-8ca8-4cc508855872", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "c740c46b-1d95-42b5-ac3d-2bbab071b859", "value": "LockPoS" }, @@ -5240,6 +5927,15 @@ "https://www.bleepingcomputer.com/news/security/report-ties-north-korean-attacks-to-new-malware-linked-by-word-macros/" ] }, + "related": [ + { + "dest-uuid": "f3cbe9ca-e65e-41af-8eb2-1e9877434124", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "9e4fd0d3-9736-421c-b1e1-96c1d3665c80", "value": "NOKKI" }, @@ -5302,6 +5998,15 @@ "webshell" ] }, + "related": [ + { + "dest-uuid": "a98a04e5-1f86-44b8-91ff-dbe1534782ba", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "9334c430-0d83-4893-8982-66a1dc1a2b11", "value": "TwoFace" }, @@ -5417,6 +6122,15 @@ "https://www.arbornetworks.com/blog/asert/formidable-formbook-form-grabber/" ] }, + "related": [ + { + "dest-uuid": "8378b417-605e-4196-b31f-a0c96d75aa50", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "c7e7063b-b2a2-4046-8a19-94dea018eaa0", "value": "FormBook" }, @@ -5446,6 +6160,15 @@ "https://researchcenter.paloaltonetworks.com/2017/11/unit42-oilrig-deploys-alma-communicator-dns-tunneling-trojan/" ] }, + "related": [ + { + "dest-uuid": "a0881a0c-e677-495b-b475-290af09bb716", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "45de0d28-5a20-4190-ae21-68067e36e316", "value": "ALMA Communicator" }, @@ -5723,6 +6446,15 @@ "http://blog.trendmicro.com/trendlabs-security-intelligence/dissecting-prilex-cutlet-maker-atm-malware-families/" ] }, + "related": [ + { + "dest-uuid": "a0899fec-161d-4ba8-9594-8b5620c21705", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "523e8772-0610-424c-bcfb-9123bcb8328f", "value": "PRILEX" }, @@ -5773,6 +6505,15 @@ "https://www.proofpoint.com/sites/default/files/pfpt-us-wp-north-korea-bitten-by-bitcoin-bug.pdf" ] }, + "related": [ + { + "dest-uuid": "c07f6484-0669-44b7-90e6-f642e316d277", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "5629bc84-58eb-42d9-adc6-cd0eeb08ccaf", "value": "PowerSpritz" }, @@ -5802,6 +6543,15 @@ "http://blog.trendmicro.com/trendlabs-security-intelligence/ratankba-watering-holes-against-enterprises/" ] }, + "related": [ + { + "dest-uuid": "eead20f5-6a30-4700-8d14-cfb2d42eaff0", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "64b3c66b-fc70-4b5a-83a9-866cde2ccb0b", "value": "Ratankba" }, @@ -5864,6 +6614,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "333e2e87-b9b0-4e2e-9ed9-7259c55a93db", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "89bd2020-2594-45c4-8957-522c0ac41370", @@ -6034,6 +6791,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "592f7cc6-1e07-4d83-8082-aef027e9f1e2", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "a71ed71f-b8f4-416d-9c57-910a42e59430", @@ -6718,6 +7482,15 @@ "StalinScreamer" ] }, + "related": [ + { + "dest-uuid": "8c38460b-fcfd-434e-b258-875854c6aff6", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "50eb8c54-5828-11e8-8d6b-232bb9329fc0", "value": "StalinLocker" }, @@ -6730,6 +7503,15 @@ "https://www.fortinet.com/blog/threat-research/defending-against-the-new-vpnfilter-botnet.html" ] }, + "related": [ + { + "dest-uuid": "5ad30da2-2645-4893-acd9-3f8e0fbb5500", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "895d769e-b288-4977-a4e1-7d64eb134bf9", "value": "VPNFilter" }, @@ -7284,6 +8066,15 @@ "https://researchcenter.paloaltonetworks.com/2018/09/unit42-xbash-combines-botnet-ransomware-coinmining-worm-targets-linux-windows/" ] }, + "related": [ + { + "dest-uuid": "ee54fc1e-c574-4836-8cdb-992ac38cef32", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "10c981cc-4ef1-4719-8ed7-c5e4c2f6c7a3", "value": "Xbash" }, @@ -7295,6 +8086,15 @@ "https://www.bleepingcomputer.com/news/security/lojax-command-and-control-domains-still-active/" ] }, + "related": [ + { + "dest-uuid": "15228ae0-26f9-44d8-8d6e-87b0bd2d2aba", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "6d53a74e-c8a5-11e8-a123-332e4eaac9bb", "value": "LoJax" }, @@ -7305,6 +8105,15 @@ "https://www.bleepingcomputer.com/news/security/new-chainshot-malware-found-by-cracking-512-bit-rsa-key/" ] }, + "related": [ + { + "dest-uuid": "36f9a5e0-9a78-4b9a-9072-1596c91b59b6", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a032460e-c54c-11e8-9965-43b7b6469a65", "value": "Chainshot" }, @@ -7320,6 +8129,15 @@ }, { "description": "Treasury has identified a sophisticated cyber-enabled ATM cash out campaign we are calling FASTCash. FASTCash has been active since late 2016 targeting banks in Africa and Asia to remotely compromise payment switch application servers within banks to facilitate fraudulent transactions, primarily involving ATMs, to steal cash equivalent to tens of millions of dollars. FBI has attributed malware used in this campaign to the North Korean government. We expect FASTCash to continue targeting retail payment systems vulnerable to remote exploitation.", + "related": [ + { + "dest-uuid": "e8a04177-6a91-46a6-9f63-6a9fac4dfa02", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e306fe62-c708-11e8-89f2-073e396e5403", "value": "FASTCash" }, @@ -7333,6 +8151,15 @@ "Zekapab" ] }, + "related": [ + { + "dest-uuid": "973124e2-0d84-4be5-9c8e-3ff16bb43b42", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "8a2ae47a-c7b2-11e8-b223-ab4d8f78f3ef", "value": "Zebrocy" }, @@ -7342,6 +8169,15 @@ "https://malware.dontneedcoffee.com/2017/10/coalabot-http-ddos-bot.html" ] }, + "related": [ + { + "dest-uuid": "7acd9a27-f550-4c47-9fc8-429b61b04217", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "92628a72-c874-11e8-a094-ebbb3bd1f412", "value": "CoalaBot" }, @@ -7368,6 +8204,15 @@ "Dark Pulsar" ] }, + "related": [ + { + "dest-uuid": "1aecd6eb-80e2-4598-8504-d93f69c7a8f0", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "7e9f46aa-d5d1-11e8-b782-e71d52d8ac7c", "value": "DarkPulsar" }, @@ -7446,6 +8291,15 @@ "https://www.alienvault.com/forums/discussion/17301/alienvault-labs-threat-intelligence-update-for-usm-anywhere-march-25-march-31-2018" ] }, + "related": [ + { + "dest-uuid": "0db05333-2214-49c3-b469-927788932aaa", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "0a339826-d5f8-11e8-b520-5b93fe65a08e", "value": "GhostMiner" }, @@ -7507,6 +8361,15 @@ "https://www.bleepingcomputer.com/news/security/new-kingminer-threat-shows-cryptominer-evolution/" ] }, + "related": [ + { + "dest-uuid": "04d95343-fd44-471d-bfe7-908994a98ea7", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a9467439-48d8-4f68-9519-560bb6430f0c", "value": "KingMiner" }, @@ -7559,6 +8422,15 @@ "https://www.bleepingcomputer.com/news/security/new-lamepyre-macos-malware-sends-screenshots-to-attacker/" ] }, + "related": [ + { + "dest-uuid": "a8e71805-014d-4998-b21e-3125da800124", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "34688253-fea5-4770-bf96-55f45077c347", "value": "DarthMiner" }, @@ -7601,6 +8473,15 @@ "UPPERCUT" ] }, + "related": [ + { + "dest-uuid": "a180afcc-d42d-4600-b70f-af27aaf851b7", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "588b97ff-3434-4aa1-a5fd-815e1bb0178b", "value": "ANEL" }, @@ -7611,6 +8492,15 @@ "https://unit42.paloaltonetworks.com/new-babyshark-malware-targets-u-s-national-security-think-tanks/" ] }, + "related": [ + { + "dest-uuid": "8abdd40c-d79a-4353-80e3-29f8a4229a37", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "78ed653d-2d76-4a99-849e-1509e4573c32", "value": "BabyShark" }, @@ -7686,6 +8576,15 @@ "https://blog.talosintelligence.com/2019/02/combing-through-brushaloader.html" ] }, + "related": [ + { + "dest-uuid": "75a03c4f-8a97-4fc0-a69e-b2e73e4564fc", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e1ca79ea-5628-4266-bb36-3892c7126ef4", "value": "Brushaloader" }, @@ -7696,6 +8595,15 @@ "https://blog.talosintelligence.com/2019/04/dnspionage-brings-out-karkoff.html" ] }, + "related": [ + { + "dest-uuid": "a45c16d9-6945-428c-af46-0436903f9329", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "a9fc6d3d-09d5-45c3-a91e-e8c61ef37908", "value": "Karkoff" }, @@ -7706,6 +8614,15 @@ "https://malware.lu/assets/files/articles/RAP003_KimJongRAT-Stealer_Analysis.1.0.pdf" ] }, + "related": [ + { + "dest-uuid": "61edd17b-322d-45dc-a6a0-31c13ec2338e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "3160f772-d458-4bff-970c-1c0431238803", "value": "KimJongRAT" }, @@ -7726,6 +8643,15 @@ "https://blog.talosintelligence.com/2019/04/jasperloader-targets-italy.html?m=1" ] }, + "related": [ + { + "dest-uuid": "286a14a1-7113-4bed-97ce-8db41b312a51", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d8de6b56-9950-4389-83b8-4fc3262dc4c9", "value": "JasperLoader" }, @@ -7737,6 +8663,15 @@ "https://techcrunch.com/2019/04/16/scranos-rootkit-passwords-payments/?guccounter=1&guce_referrer_us=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_cs=MrGSn18TmNoWovpLbekFYA" ] }, + "related": [ + { + "dest-uuid": "b5d90140-f307-402c-9d7f-9cdf21a7cb31", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "5f0f6af2-b644-49a6-8f68-5d4ca58c989e", "value": "Scranos" }, @@ -7762,6 +8697,13 @@ "estimative-language:likelihood-probability=\"roughly-even-chance\"" ], "type": "similar" + }, + { + "dest-uuid": "826c31ca-2617-47e4-b236-205da3881182", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "22b75148-9d58-4fa7-8459-6ef25bbaf759", @@ -7789,6 +8731,13 @@ "estimative-language:likelihood-probability=\"roughly-even-chance\"" ], "type": "similar" + }, + { + "dest-uuid": "8666afcc-8cc2-4856-83de-b7e8b4309367", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "dd919e75-57e8-4e5c-9451-8be6e734f1f3", @@ -7816,6 +8765,13 @@ "estimative-language:likelihood-probability=\"roughly-even-chance\"" ], "type": "similar" + }, + { + "dest-uuid": "a51b82ba-7e32-4a8e-b5d0-8d0441bdcce4", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "80365d3a-6d46-4195-a772-364749a6dc06", @@ -7829,6 +8785,15 @@ "https://unit42.paloaltonetworks.com/bookworm-trojan-a-model-of-modular-architecture/" ] }, + "related": [ + { + "dest-uuid": "1b8cfb29-7a63-459a-bc90-c9ea3634b21c", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "9ff6e087-6755-447a-b537-8f06c7aa4a85", "value": "Bookworm" }, @@ -7865,6 +8830,15 @@ "https://www.gdatasoftware.com/blog/2014/10/23941-com-object-hijacking-the-discreet-way-of-persistence" ] }, + "related": [ + { + "dest-uuid": "541d5642-0648-4b5a-97b9-81110f273771", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "b2c2d42b-a6a3-4ab0-a013-eb1c7461aca9", "value": "COMpfun" }, @@ -7900,6 +8874,15 @@ "https://www.welivesecurity.com/wp-content/uploads/2019/10/ESET_Winnti.pdf" ] }, + "related": [ + { + "dest-uuid": "51728278-a95c-45a5-9ae0-9897d41d0efb", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "c1815516-aa2a-43d2-9136-78a8feb054b6", "value": "ShadowHammer" }, @@ -7911,6 +8894,15 @@ "https://www.welivesecurity.com/2019/11/21/deprimon-default-print-monitor-malicious-downloader/" ] }, + "related": [ + { + "dest-uuid": "17429ed4-6106-4a28-9a76-f19cd476d94b", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "c76874cd-0d73-4cbf-8d39-a066900dd4ce", "value": "DePriMon" }, @@ -7969,6 +8961,15 @@ "https://www.ibm.com/downloads/cas/OAJ4VZNJ" ] }, + "related": [ + { + "dest-uuid": "a7e1429f-55bd-41ac-bf45-70c93465d113", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "40fdcaac-a733-4088-9058-7b15a415b943", "value": "ZeroCleare" }, @@ -7979,6 +8980,15 @@ "https://mobile.twitter.com/IntezerLabs/status/1215252764080644098" ] }, + "related": [ + { + "dest-uuid": "daa3d1e4-9265-4f1c-b1bd-9242ac570681", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "ff692a4c-23ff-4e86-a03b-2de8d36bc98f", "value": "Dustman" }, @@ -7999,6 +9009,15 @@ "https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/" ] }, + "related": [ + { + "dest-uuid": "97f89048-2a57-48d5-9272-0d1061a14eca", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "dd299e22-bf82-4317-8c81-c6b1f7514571", "value": "Lampion" }, @@ -8009,6 +9028,15 @@ "https://labs.bitdefender.com/2020/01/hold-my-beer-mirai-spinoff-named-liquorbot-incorporates-cryptomining/" ] }, + "related": [ + { + "dest-uuid": "3fe8f3db-4861-4e78-8b60-a794fe22ae3f", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e537e165-ea8b-4e75-8813-6519632d3f6a", "value": "LiquorBot" }, @@ -8085,7 +9113,15 @@ "post-exploitation framework" ] }, - "related": [], + "related": [ + { + "dest-uuid": "1a1d3ea4-972e-4c48-8d85-08d9db8f1550", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "97f26fab-af0e-4da9-b4c1-aec70cace22d", "value": "Cobalt Strike" }, @@ -8134,7 +9170,15 @@ "RAT" ] }, - "related": [], + "related": [ + { + "dest-uuid": "d84ebd91-58f6-459f-96a1-d028a1719914", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "4fe80228-1142-4e70-9df8-c8f1f3356cfb", "value": "WellMess" }, @@ -8149,7 +9193,15 @@ "RAT" ] }, - "related": [], + "related": [ + { + "dest-uuid": "93ffafbd-a8af-4164-b3ab-9b21e6d09232", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "59266c02-e3c8-47a6-b00c-bbb50c8975e9", "value": "WellMail" }, @@ -8241,7 +9293,15 @@ "RAT" ] }, - "related": [], + "related": [ + { + "dest-uuid": "b7f1abd3-870b-42ca-9bd1-5931126c68d5", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "e1bfe1d9-190c-4cf4-aec8-a8f2c41c7d8b", "value": "HyperBro" }, @@ -8321,7 +9381,15 @@ "backdoor" ] }, - "related": [], + "related": [ + { + "dest-uuid": "69798a1e-1caf-4bc8-b4af-6508d8a26717", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "d357a6ff-00e5-4fcc-8b9e-4a9d98a736e7", "value": "RDAT" }, @@ -8347,6 +9415,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "variant-of" + }, + { + "dest-uuid": "efa01fef-7faf-4bb2-8630-b3a237df882a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "aba3fd7d-87cc-4266-82a1-d458ae299266", @@ -8367,6 +9442,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "used-by" + }, + { + "dest-uuid": "9a3429d7-e4a8-43c5-8786-0b3a1c841a5f", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "1e912590-c879-4a9c-81b9-2d31e82ac718", @@ -8393,6 +9475,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "variant-of" + }, + { + "dest-uuid": "309f9be7-8824-4452-90b3-cef81fd10099", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "6c562458-7970-4d61-aded-1fe4a9002404", @@ -8447,6 +9536,15 @@ "Loader" ] }, + "related": [ + { + "dest-uuid": "e30f2243-9e69-4b09-97ab-1643929b97ad", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "2214b113-6942-494f-94b7-576e74fccdb5", "value": "Matanbuchus" }, @@ -8481,6 +9579,15 @@ "https://www.prevailion.com/latest-targets-of-cyber-group-lyceum/" ] }, + "related": [ + { + "dest-uuid": "d00c8f94-d6b5-40b7-b167-fc546c5dec38", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "9ea6d29e-00a7-4042-9bc5-31b1adeee6ec", "value": "Shark" }, @@ -8529,6 +9636,13 @@ { "dest-uuid": "68d8c25b-8595-4c20-a5c7-a11a2a34b717", "type": "used-by" + }, + { + "dest-uuid": "185d8b28-0179-4ec6-a3c8-201b1936b9aa", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "7d17dabf-a68e-4eda-a18f-26868ced8e73", @@ -8564,6 +9678,15 @@ "https://www.mandiant.com/resources/blog/melting-unc2198-icedid-to-ransomware-operations" ] }, + "related": [ + { + "dest-uuid": "e9afcd80-c1c6-4194-af32-133fe31e835f", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "2bea2cc9-c1cc-453d-a483-541b895867d1", "value": "MOUSEISLAND" }, @@ -8575,6 +9698,15 @@ "https://blogs.blackberry.com/en/2022/07/gootloader-from-seo-poisoning-to-multi-stage-downloader" ] }, + "related": [ + { + "dest-uuid": "5b2569e5-aeb2-4708-889f-c6d598bd5e14", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "0bdb6f1c-1229-4556-a535-7444ddfbd7a9", "value": "GootLoader" }, @@ -8596,6 +9728,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "related-to" + }, + { + "dest-uuid": "fa47d59d-7251-468f-9d84-6e1ba21887db", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "6fc4beee-b922-4d25-833d-8fb574a3c56e", @@ -8631,6 +9770,15 @@ "Worm" ] }, + "related": [ + { + "dest-uuid": "34b3a45b-e522-4342-91c8-b6aad9817f99", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "70dc3e92-9b3b-4fc1-abd2-d98985d83225", "value": "Raspberry Robin" }, @@ -8687,6 +9835,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "used-by" + }, + { + "dest-uuid": "cff35ce3-8d6f-417b-ae6c-a9e6a60ee26c", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" } ], "uuid": "cd32b19e-c365-4efc-9998-548e50e04a4c", @@ -8739,6 +9894,15 @@ "https://blogs.blackberry.com/en/2022/03/threat-thursday-sunseed-malware" ] }, + "related": [ + { + "dest-uuid": "a89f7e01-b049-4d09-aca3-ce19d91c4544", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "similar" + } + ], "uuid": "54c03b3c-6f97-46ea-a93f-f07bfd5cdd36", "value": "SunSeed" }, @@ -8868,5 +10032,5 @@ "value": "QUARTERRIG" } ], - "version": 164 + "version": 165 }