MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

add Asruex Backdoor

pull/443/head
Deborah Servili 2019-08-28 15:40:03 +02:00
parent ea68336b96
commit 395dd93e0f
No known key found for this signature in database
GPG Key ID: 7E3A832850D4D7D1
2 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
clusters/backdoor.json
View File

@ -80,7 +80,17 @@
], ],
"uuid": "a4757e11-0837-42c0-958a-7490cff58687", "uuid": "a4757e11-0837-42c0-958a-7490cff58687",
"value": "SLUB" "value": "SLUB"
},
{
"description": "Since it first emerged in 2015, Asruex has been known for its backdoor capabilities and connection to the spyware DarkHotel. However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities CVE-2012-0158 and CVE-2010-2883, which inject code in Word and PDF files respectively.",
"meta": {
"refs": [
"https://blog.trendmicro.com/trendlabs-security-intelligence/asruex-backdoor-variant-infects-word-documents-and-pdfs-through-old-ms-office-and-adobe-vulnerabilities/"
]
},
"uuid": "b7ad60a0-d648-4775-adec-c78b1a92fc34",
"value": "Asruex"
} }
], ],
"version": 5 "version": 6
} }

2
clusters/threat-actor.json
View File

@ -7689,5 +7689,5 @@
"value": "APT41" "value": "APT41"
} }
], ],
"version": 126 "version": 128
} }