MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

add Quant Loader

pull/135/head
Deborah Servili 2017-12-13 15:51:24 +01:00
parent e891373ce8
commit 8836dfdc16
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
clusters/tool.json
View File

@ -10,7 +10,7 @@
], ],
"description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.", "description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.",
"uuid": "0d821b68-9d82-4c6d-86a6-1071a9e0f79f", "uuid": "0d821b68-9d82-4c6d-86a6-1071a9e0f79f",
"version": 41, "version": 42,
"values": [ "values": [
{ {
"meta": { "meta": {
@ -3114,6 +3114,16 @@
"https://www.group-ib.com/blog/moneytaker" "https://www.group-ib.com/blog/moneytaker"
] ]
} }
},
{
"value": "Quant Loader",
"description": "Described as a \"professional exe loader / dll dropper\" Quant Loader is in fact a very basic trojan downloader. It began being advertised on September 1, 2016 on various Russian underground forums:",
"meta": {
"refs": [
"https://www.bleepingcomputer.com/news/security/quant-loader-is-now-bundled-with-other-crappy-malware/",
"https://blogs.forcepoint.com/security-labs/locky-distributor-uses-newly-released-quant-loader-sold-russian-underground"
]
}
} }
] ]
} }