mirror of https://github.com/MISP/misp-galaxy
add Hagga threat actor
parent
9c9561bce8
commit
18ee466ae4
|
@ -11337,7 +11337,27 @@
|
||||||
},
|
},
|
||||||
"uuid": "aac49b4e-74e9-49fa-84f9-e340cf8bafbc",
|
"uuid": "aac49b4e-74e9-49fa-84f9-e340cf8bafbc",
|
||||||
"value": "APT43"
|
"value": "APT43"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Hagga is believed to have been using Agent Tesla, 2021’s sixth most prevalent malware, to steal sensitive information from his victims since the latter part of 2021.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.team-cymru.com/post/an-analysis-of-infrastructure-linked-to-the-hagga-threat-actor",
|
||||||
|
"https://otx.alienvault.com/pulse/62cfe4ef3415be5f83be81d1"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"related": [
|
||||||
|
{
|
||||||
|
"dest-uuid": "f8cd62cb-b9d3-4352-8f46-0961cfde104c",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"likely\""
|
||||||
|
],
|
||||||
|
"type": "uses"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 273
|
"uuid": "1e318d85-79c7-4988-83b7-ff86a974786c",
|
||||||
|
"value": "Hagga"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"version": 274
|
||||||
}
|
}
|
||||||
|
|
|
@ -6308,6 +6308,13 @@
|
||||||
"estimative-language:likelihood-probability=\"likely\""
|
"estimative-language:likelihood-probability=\"likely\""
|
||||||
],
|
],
|
||||||
"type": "similar"
|
"type": "similar"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"dest-uuid": "1e318d85-79c7-4988-83b7-ff86a974786c",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"likely\""
|
||||||
|
],
|
||||||
|
"type": "used-by"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"uuid": "f8cd62cb-b9d3-4352-8f46-0961cfde104c",
|
"uuid": "f8cd62cb-b9d3-4352-8f46-0961cfde104c",
|
||||||
|
@ -10596,5 +10603,5 @@
|
||||||
"value": "VENOMBITE"
|
"value": "VENOMBITE"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 167
|
"version": 168
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue