From 5d61a758867491efce981071de5444d4cf784cdc Mon Sep 17 00:00:00 2001 From: Deborah Servili Date: Mon, 14 Jan 2019 16:34:28 +0100 Subject: [PATCH] fix versions --- clusters/ransomware.json | 2 +- clusters/threat-actor.json | 18 ++++++++++++++---- 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/clusters/ransomware.json b/clusters/ransomware.json index b6d3498..47c39e0 100644 --- a/clusters/ransomware.json +++ b/clusters/ransomware.json @@ -11732,5 +11732,5 @@ "value": "BitPaymer" } ], - "version": 48 + "version": 49 } diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index 6803c3d..79f0997 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -6146,7 +6146,7 @@ "https://www.crowdstrike.com/blog/big-game-hunting-with-ryuk-another-lucrative-targeted-ransomware/" ] }, - "uuid": "4db86f94-661e-458c-8ce3-ce7ab79af489", + "uuid": "3cf6dbb5-bf9e-47d4-a8d5-b6d76f5a791f", "value": "GRIM SPIDER" }, { @@ -6156,7 +6156,7 @@ "https://www.crowdstrike.com/blog/big-game-hunting-with-ryuk-another-lucrative-targeted-ransomware/" ] }, - "uuid": "ce20f612-e2cd-4a61-8c23-5405971ec401", + "uuid": "bdf4fe4f-af8a-495f-a719-cf175cecda1f", "value": "WIZARD SPIDER" }, { @@ -6167,9 +6167,19 @@ "https://www.crowdstrike.com/blog/meet-crowdstrikes-adversary-of-the-month-for-february-mummy-spider/" ] }, - "uuid": "b28d82bc-4f77-4956-b595-8c5d6a1a842b", + "uuid": "c93281be-f6cd-4cd0-a5a3-defde9d77d8b", "value": "MUMMY SPIDER" + }, + { + "description": "Open-source reporting has claimed that the Hermes ransomware was developed by the North Korean group STARDUST CHOLLIMA (activities of which have been public reported as part of the “Lazarus Group”), because Hermes was executed on a host during the SWIFT compromise of FEIB in October 2017. ", + "meta": { + "refs": [ + "https://www.crowdstrike.com/blog/big-game-hunting-with-ryuk-another-lucrative-targeted-ransomware/" + ] + }, + "uuid": "d8e1762a-0063-48c2-9ea1-8d176d14b70f", + "value": "STARDUST CHOLLIMA" } ], - "version": 85 + "version": 86 }