mirror of https://github.com/MISP/misp-galaxy
add hezb
parent
705d0d2e72
commit
6dba3abe13
|
@ -62,7 +62,17 @@
|
|||
},
|
||||
"uuid": "a0c0ab05-c390-425c-9311-f64bf7ca9145",
|
||||
"value": "Krane"
|
||||
},
|
||||
{
|
||||
"description": "“Hezb”, which is based on command line artifact data, was observed around Kinsing. This malware is relatively new and was recently reported in late May exploiting WSO2 RCE (CVE-2022-29464) in the wild. Several malware components were observed, the first of which was an XMRig miner installed as “Hezb”. Additional modules included a polkit exploit for privilege escalation as well as a zero-detection ELF payload named “kik”.",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://www.lacework.com/blog/kinsing-dark-iot-botnet-among-threats-targeting-cve-2022-26134/"
|
||||
]
|
||||
},
|
||||
"uuid": "428bbf01-7756-48a2-848d-6bca3997f1df",
|
||||
"value": "Hezb"
|
||||
}
|
||||
],
|
||||
"version": 2
|
||||
"version": 3
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue