From 32ffc98e5d60aec6177bef0af917ba03d3ab7ac8 Mon Sep 17 00:00:00 2001 From: Deborah Servili Date: Mon, 24 Jun 2019 10:20:29 +0200 Subject: [PATCH 1/2] add Felipe Trojan --- clusters/rat.json | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/clusters/rat.json b/clusters/rat.json index 40e55af1..50922a07 100644 --- a/clusters/rat.json +++ b/clusters/rat.json @@ -3372,7 +3372,17 @@ }, "uuid": "4b9b99f0-9c2d-4db5-aaff-09de88509c04", "value": "FlawedAmmy" + }, + { + "value": "Felipe", + "description": "The Zscaler ThreatLabZ team came across a new strain of infostealer Trojan called Felipe, which silently installs itself onto a user’s system and connects to a command-and-control (C&C) server to send system information from the compromised system. This malware is compiled for both 32-bit and 64-bit Windows operating systems. Felipe basically steals the victim's debit and credit card information and sends it, along with other personal information, to the remote C&C server. It also sets a date and time to perform other malicious activity upon successful infection of the victim machine.", + "meta": { + "refs": [ + "https://www.zscaler.com/blogs/research/felipe-new-infostealer-trojan" + ] + }, + "uuid": "0f117f50-9657-11e9-8e2b-83e391e0ce57" } ], - "version": 29 + "version": 30 } From ca45f0deec82daf4f8dd48f51a4f4881edf4d962 Mon Sep 17 00:00:00 2001 From: Deborah Servili Date: Mon, 24 Jun 2019 10:22:38 +0200 Subject: [PATCH 2/2] jq --- clusters/rat.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/clusters/rat.json b/clusters/rat.json index 50922a07..cd041ba5 100644 --- a/clusters/rat.json +++ b/clusters/rat.json @@ -3374,14 +3374,14 @@ "value": "FlawedAmmy" }, { - "value": "Felipe", "description": "The Zscaler ThreatLabZ team came across a new strain of infostealer Trojan called Felipe, which silently installs itself onto a user’s system and connects to a command-and-control (C&C) server to send system information from the compromised system. This malware is compiled for both 32-bit and 64-bit Windows operating systems. Felipe basically steals the victim's debit and credit card information and sends it, along with other personal information, to the remote C&C server. It also sets a date and time to perform other malicious activity upon successful infection of the victim machine.", "meta": { "refs": [ "https://www.zscaler.com/blogs/research/felipe-new-infostealer-trojan" ] }, - "uuid": "0f117f50-9657-11e9-8e2b-83e391e0ce57" + "uuid": "0f117f50-9657-11e9-8e2b-83e391e0ce57", + "value": "Felipe" } ], "version": 30