From 9ced077269b18c8988cda5fa2bd9ccee4675e33e Mon Sep 17 00:00:00 2001 From: Mathieu4141 Date: Thu, 2 Nov 2023 05:17:14 -0700 Subject: [PATCH 1/2] [threat-actors] Add Scarred Manticore --- clusters/threat-actor.json | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index fc47ca3..336e826 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -11959,6 +11959,17 @@ ], "uuid": "32eebd31-5e0f-4fb9-b478-26ff4e48aaf4", "value": "AtlasCross" + }, + { + "description": "Scarred Manticore has been pursuing high-value targets for years, utilizing a variety of IIS-based backdoors to attack Windows servers. These include a variety of custom web shells, custom DLL backdoors, and driver-based implants.", + "meta": { + "refs": [ + "https://research.checkpoint.com/2023/from-albania-to-the-middle-east-the-scarred-manticore-is-listening/" + ], + "country": "IR" + }, + "uuid": "79d0da59-9400-40f6-b72b-6c6f47354d59", + "value": "Scarred Manticore" } ], "version": 285 From be89fcd37015dfff2b99083e6d6d7f9c96482de7 Mon Sep 17 00:00:00 2001 From: Mathieu Beligon Date: Thu, 2 Nov 2023 13:25:13 +0100 Subject: [PATCH 2/2] [threat-actors] jq --- clusters/threat-actor.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index 02aecca..942ea3b 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -12085,10 +12085,10 @@ { "description": "Scarred Manticore has been pursuing high-value targets for years, utilizing a variety of IIS-based backdoors to attack Windows servers. These include a variety of custom web shells, custom DLL backdoors, and driver-based implants.", "meta": { + "country": "IR", "refs": [ "https://research.checkpoint.com/2023/from-albania-to-the-middle-east-the-scarred-manticore-is-listening/" - ], - "country": "IR" + ] }, "uuid": "79d0da59-9400-40f6-b72b-6c6f47354d59", "value": "Scarred Manticore"