Merge pull request #541 from nyx0/master

Add DenesRAT/METALJACK
2020-04-28 09:20:48 +02:00 · 2020-04-28 09:20:48 +02:00 · 3c2d863cbc
parent 07145a4759 46a6d9fcb1
commit 3c2d863cbc
1 changed files with 19 additions and 1 deletions
--- a/clusters/tool.json
+++ b/clusters/tool.json
@ -7998,7 +7998,25 @@
      },
      "uuid": "32a6065c-4f4e-4a60-8717-5872b5f21ac4",
      "value": "Gelup malware tool"
+    },
+    {
+      "description": "DenesRAT is a private Trojan horse of the \"Sea Lotus\" organization, which can perform corresponding functions according to the instructions issued by the C2 server. The main functions are file operations, such as creating files or directories, deleting files or directories, finding files; registry reading and writing; remote code execution, such as creating processes, executing DLLs, etc....",
+      "meta": {
+        "refs": [
+          "http://baijiahao.baidu.com/s?id=1661498030941117519",
+          "https://www.fireeye.com/blog/threat-research/2020/04/apt32-targeting-chinese-government-in-covid-19-related-espionage.html"
+        ],
+        "synonyms": [
+          "METALJACK"
+        ],
+        "type": [
+          "Loader",
+          "Backdoor"
+        ]
+      },
+      "uuid": "edd9e14c-80f7-4a50-ab85-fa1120c54003",
+      "value": "DenesRAT"
    }
  ],
-  "version": 133
+  "version": 134
 }