MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

Update stealer.json

pull/353/head
LabyrINTh-Jim 2019-02-26 12:28:48 -05:00 committed by GitHub
parent 47721b696d
commit 6dcb5ed6cf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
clusters/stealer.json
View File

@ -42,6 +42,16 @@
"uuid": "a6780288-24eb-4006-9ddd-062870c6feec",
"value": "TeleGrab"
},
{
"description": "Expiro is a known file infector and information stealer that hinders analysis with anti-debugging and anti-analysis tricks. [[Citation: Cisco Talos - Threat Roundup for Feb. 8 to Feb. 15]]]",
"meta": {
"uuid": "ca16a9f0-3915-11e9-b210-d663bd873d93",
"refs": [
"https://blog.talosintelligence.com/2019/02/threat-roundup-0208-0215.html"
]
},
"value": "Expiro"
},
{
"description": "It is able to steal accounts from different software, such as, Firefox password Internet Explorer/Edge Thunderbird Chrome/Chromium and many more. It is also able to (1) list all installed software, (2) list processes, (3) Get information about the machine name (CPU type, Graphic card, size of memory), (4) take screen captures, (5) Steal cryptomoney wallet from Electrum, MultiBit, monero-project, bitcoin-qt.",
"meta": {