MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [backdoor] Adds BOLDMOVE 

Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
pull/812/head
Jürgen Löhel 2023-01-30 16:39:11 -06:00
parent 150e3152cc
commit 33513241bd
No known key found for this signature in database
GPG Key ID: 54E44C4D345DD098
1 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
clusters/backdoor.json
View File

@ -193,7 +193,19 @@
},
"uuid": "0c3b1aa5-3a33-493e-9126-28ebced4ed09",
"value": "BPFDoor"
},
{
"description": "According to Mandiant, this malware family is attributed to potential chinese background and its Linux variant is related to exploitation of Fortinet's SSL-VPN (CVE-2022-42475).",
"meta": {
"refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/win.boldmove",
"https://malpedia.caad.fkie.fraunhofer.de/details/elf.boldmove",
"https://www.mandiant.com/resources/blog/chinese-actors-exploit-fortios-flaw"
]
},
"uuid": "2cef78bd-f097-4477-8888-79359042b515",
"value": "BOLDMOVE"
}
],
"version": 13
"version": 14
}