mirror of https://github.com/MISP/misp-galaxy
commit
13ca5c4245
|
@ -211,6 +211,9 @@
|
||||||
"https://www.proofpoint.com/us/threat-insight/post/threat-actors-using-legitimate-paypal-accounts-to-distribute-chthonic-banking-trojan",
|
"https://www.proofpoint.com/us/threat-insight/post/threat-actors-using-legitimate-paypal-accounts-to-distribute-chthonic-banking-trojan",
|
||||||
"https://securelist.com/chthonic-a-new-modification-of-zeus/68176/"
|
"https://securelist.com/chthonic-a-new-modification-of-zeus/68176/"
|
||||||
],
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"Chtonic"
|
||||||
|
],
|
||||||
"date": "First seen fall of 2014"
|
"date": "First seen fall of 2014"
|
||||||
},
|
},
|
||||||
"description": "Chthonic according to Kaspersky is an evolution of Zeus VM. It uses the same encryptor as Andromeda bot, the same encryption scheme as Zeus AES and Zeus V2 Trojans, and a virtual machine similar to that used in ZeusVM and KINS malware.",
|
"description": "Chthonic according to Kaspersky is an evolution of Zeus VM. It uses the same encryptor as Andromeda bot, the same encryption scheme as Zeus AES and Zeus V2 Trojans, and a virtual machine similar to that used in ZeusVM and KINS malware.",
|
||||||
|
@ -568,7 +571,7 @@
|
||||||
"uuid": "f93acc85-8d2c-41e0-b0c5-47795b8c6194"
|
"uuid": "f93acc85-8d2c-41e0-b0c5-47795b8c6194"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 7,
|
"version": 8,
|
||||||
"uuid": "59f20cce-5420-4084-afd5-0884c0a83832",
|
"uuid": "59f20cce-5420-4084-afd5-0884c0a83832",
|
||||||
"description": "A list of banker malware.",
|
"description": "A list of banker malware.",
|
||||||
"authors": [
|
"authors": [
|
||||||
|
|
|
@ -11,7 +11,7 @@
|
||||||
],
|
],
|
||||||
"description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.",
|
"description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.",
|
||||||
"uuid": "0d821b68-9d82-4c6d-86a6-1071a9e0f79f",
|
"uuid": "0d821b68-9d82-4c6d-86a6-1071a9e0f79f",
|
||||||
"version": 63,
|
"version": 64,
|
||||||
"values": [
|
"values": [
|
||||||
{
|
{
|
||||||
"meta": {
|
"meta": {
|
||||||
|
@ -1704,15 +1704,6 @@
|
||||||
"value": "DownRage",
|
"value": "DownRage",
|
||||||
"uuid": "ab5c4362-c369-4c78-985d-04ba1226ea32"
|
"uuid": "ab5c4362-c369-4c78-985d-04ba1226ea32"
|
||||||
},
|
},
|
||||||
{
|
|
||||||
"meta": {
|
|
||||||
"refs": [
|
|
||||||
"https://www.proofpoint.com/us/threat-insight/post/threat-actors-using-legitimate-paypal-accounts-to-distribute-chthonic-banking-trojan"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"value": "Chthonic",
|
|
||||||
"uuid": "783f61a1-8210-4145-b801-53f71b909ebf"
|
|
||||||
},
|
|
||||||
{
|
{
|
||||||
"value": "GeminiDuke",
|
"value": "GeminiDuke",
|
||||||
"description": "GeminiDuke is malware that was used by APT29 from 2009 to 2012.",
|
"description": "GeminiDuke is malware that was used by APT29 from 2009 to 2012.",
|
||||||
|
|
Loading…
Reference in New Issue