MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

[threat-actors] Add UNC4393

pull/1008/head
Mathieu4141 2024-07-31 02:14:11 -07:00
parent a3e9e8c944
commit 7289782aae
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
clusters/threat-actor.json
View File

@ -16491,6 +16491,16 @@
},
"uuid": "0b71d2db-93fe-49b5-a9fd-7f8c94b86637",
"value": "SAMBASPIDER"
},
{
"description": "UNC4393 is a financially motivated threat actor primarily using BASTA ransomware. They have been active since early 2022 and have targeted over 40 organizations across various industries. UNC4393 has shown a willingness to cooperate with other threat clusters for initial access and has evolved from using existing tools to developing custom malware. They focus on efficient data exfiltration and multi-faceted extortion, often utilizing tools like COGSCAN and RCLONE for reconnaissance and data theft.",
"meta": {
"refs": [
"https://cloud.google.com/blog/topics/threat-intelligence/unc4393-goes-gently-into-silentnight"
]
},
"uuid": "8191e28a-fb2d-4d50-b992-b877807a2f37",
"value": "UNC4393"
}
],
"version": 312