fix versions

2019-01-14 16:34:28 +01:00 · 2019-01-14 16:34:28 +01:00 · 5d61a75886
parent 61093f6f07
commit 5d61a75886
2 changed files with 15 additions and 5 deletions
--- a/clusters/ransomware.json
+++ b/clusters/ransomware.json
@ -11732,5 +11732,5 @@
      "value": "BitPaymer"
    }
  ],
-  "version": 48
+  "version": 49
 }
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -6146,7 +6146,7 @@
          "https://www.crowdstrike.com/blog/big-game-hunting-with-ryuk-another-lucrative-targeted-ransomware/"
        ]
      },
-      "uuid": "4db86f94-661e-458c-8ce3-ce7ab79af489",
+      "uuid": "3cf6dbb5-bf9e-47d4-a8d5-b6d76f5a791f",
      "value": "GRIM SPIDER"
    },
    {
@ -6156,7 +6156,7 @@
          "https://www.crowdstrike.com/blog/big-game-hunting-with-ryuk-another-lucrative-targeted-ransomware/"
        ]
      },
-      "uuid": "ce20f612-e2cd-4a61-8c23-5405971ec401",
+      "uuid": "bdf4fe4f-af8a-495f-a719-cf175cecda1f",
      "value": "WIZARD SPIDER"
    },
    {
@ -6167,9 +6167,19 @@
          "https://www.crowdstrike.com/blog/meet-crowdstrikes-adversary-of-the-month-for-february-mummy-spider/"
        ]
      },
-      "uuid": "b28d82bc-4f77-4956-b595-8c5d6a1a842b",
+      "uuid": "c93281be-f6cd-4cd0-a5a3-defde9d77d8b",
      "value": "MUMMY SPIDER"
+    },
+    {
+      "description": "Open-source reporting has claimed that the Hermes ransomware was developed by the North Korean group STARDUST CHOLLIMA (activities of which have been public reported as part of the “Lazarus Group”), because Hermes was executed on a host during the SWIFT compromise of FEIB in October 2017. ",
+      "meta": {
+        "refs": [
+          "https://www.crowdstrike.com/blog/big-game-hunting-with-ryuk-another-lucrative-targeted-ransomware/"
+        ]
+      },
+      "uuid": "d8e1762a-0063-48c2-9ea1-8d176d14b70f",
+      "value": "STARDUST CHOLLIMA"
    }
  ],
-  "version": 85
+  "version": 86
 }