Merge pull request #884 from Mathieu4141/threat-actor/scarred-manticore-6a6965e2-0843-47b1-990d-d43016dd4dd1

[threat-actors] Add Scarred Manticore
2023-11-02 13:33:56 +01:00 · 2023-11-02 13:33:56 +01:00 · 7895b73d36
parent c77eeee13f be89fcd370
commit 7895b73d36
1 changed files with 11 additions and 0 deletions
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -12081,6 +12081,17 @@
      },
      "uuid": "5b30bcb8-4923-45cc-bc89-29651ca5d54e",
      "value": "Storm-0558"
+    },
+    {
+      "description": "Scarred Manticore has been pursuing high-value targets for years, utilizing a variety of IIS-based backdoors to attack Windows servers. These include a variety of custom web shells, custom DLL backdoors, and driver-based implants.",
+      "meta": {
+        "country": "IR",
+        "refs": [
+          "https://research.checkpoint.com/2023/from-albania-to-the-middle-east-the-scarred-manticore-is-listening/"
+        ]
+      },
+      "uuid": "79d0da59-9400-40f6-b72b-6c6f47354d59",
+      "value": "Scarred Manticore"
    }
  ],
  "version": 288