MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #18 from Delta-Sierra/master 

add APT28's tools
pull/20/head
Alexandre Dulaunoy 2017-01-16 12:11:18 +01:00 committed by GitHub
parent 19406277d4 edea2d25ee
commit 189efa1473
1 changed files with 76 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
clusters/tool.json
View File

@ -303,13 +303,86 @@
"value": "CORESHELL"
},
{
"value": "CHOPSTICK"
"value": "CHOPSTICK",
"description": "backdoor",
"meta": {
"synonyms": [
"Xagent",
"webhp",
"SPLM",
"(.v2 fysbis)"
],
"refs": [
"https://www2.fireeye.com/rs/848-DID-242/images/APT28-Center-of-Storm-2017.pdf"
]
}
},
{
"value": "SOURFACE"
"value": "EVILTOSS",
"description": "backdoor",
"meta": {
"synonyms": [
"Sedreco",
"AZZY",
"Xagent",
"ADVSTORESHELL",
"NETUI"
],
"refs": [
"https://www2.fireeye.com/rs/848-DID-242/images/APT28-Center-of-Storm-2017.pdf"
]
}
},
{
"value": "OLDBAIT"
"value": "GAMEFISH",
"description": "backdoor",
"meta": {
"synonyms": [
"Sednit",
"Seduploader",
"JHUHUGIT",
"Sofacy"
],
"refs": [
"https://www2.fireeye.com/rs/848-DID-242/images/APT28-Center-of-Storm-2017.pdf"
]
}
},
{
"value": "SOURFACE",
"description": "downloader - Older version of CORESHELL",
"meta": {
"synonyms": [
"Sofacy"
],
"refs": [
"https://www2.fireeye.com/rs/848-DID-242/images/APT28-Center-of-Storm-2017.pdf"
]
}
},
{
"value": "OLDBAIT",
"description": "credential harvester",
"meta": {
"synonyms": [
"Sasfis"
],
"refs": [
"https://www2.fireeye.com/rs/848-DID-242/images/APT28-Center-of-Storm-2017.pdf"
]
}
},
{
"value": "CORESHELL",
"description": "downloader - Newer version of SOURFACE",
"meta": {
"synonyms": [
"Sofacy"
],
"refs": [
"https://www2.fireeye.com/rs/848-DID-242/images/APT28-Center-of-Storm-2017.pdf"
]
}
},
{
"value": "Havex RAT",