MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

update apt28 tools

pull/36/head
Thanat0s 2017-02-26 17:06:19 +01:00
parent afe682cf3f
commit 93df12be35
1 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
clusters/tool.json
View File

@ -514,32 +514,38 @@
}, },
{ {
"value": "CHOPSTICK", "value": "CHOPSTICK",
"description": "backdoor", "description": "backdoor used by apt28 ",
"meta": { "meta": {
"synonyms": [ "synonyms": [
"Xagent",
"webhp", "webhp",
"SPLM", "SPLM",
"(.v2 fysbis)" "(.v2 fysbis)"
], ],
"refs": [ "refs": [
"https://www2.fireeye.com/rs/848-DID-242/images/APT28-Center-of-Storm-2017.pdf" "https://www2.fireeye.com/rs/848-DID-242/images/APT28-Center-of-Storm-2017.pdf"
],
"possible_issues": "Report tells that is could be Xagent alias (Java Rat)",
"type": [
"Backdoor"
] ]
} }
}, },
{ {
"value": "EVILTOSS", "value": "EVILTOSS",
"description": "backdoor", "description": "backdoor used by apt28",
"meta": { "meta": {
"synonyms": [ "synonyms": [
"Sedreco", "Sedreco",
"AZZY", "AZZY",
"Xagent",
"ADVSTORESHELL", "ADVSTORESHELL",
"NETUI" "NETUI"
], ],
"refs": [ "refs": [
"https://www2.fireeye.com/rs/848-DID-242/images/APT28-Center-of-Storm-2017.pdf" "https://www2.fireeye.com/rs/848-DID-242/images/APT28-Center-of-Storm-2017.pdf"
],
"possible_issues": "Report tells that is could be Xagent alias (Java Rat)",
"type": [
"Backdoor"
] ]
} }
}, },