jq

2019-10-31 10:37:36 +01:00 · 2019-10-31 10:37:36 +01:00 · bee9b80898
parent 0a8f989e1c
commit bee9b80898
2 changed files with 15 additions and 8 deletions
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -671,12 +671,12 @@
          "https://www.crowdstrike.com/blog/meet-crowdstrikes-adversary-of-the-month-for-july-wicked-spider/"
        ],
        "synonyms": [
-          "Winnti Umbrella"
+          "Winnti Umbrella",
          "Winnti Group",
          "Tailgater Team",
-          "Suckfly"
+          "Suckfly",
          "APT41",
-          "APT 41"
+          "APT 41",
          "Group 72",
          "Group72",
          "Tailgater",
--- a/clusters/tool.json
+++ b/clusters/tool.json
@ -665,7 +665,8 @@
          "SUQ",
          "Agent.ALQHI",
          "RbDoor",
-          "RibDoor","HIGHNOON"
+          "RibDoor",
+          "HIGHNOON"
        ],
        "type": [
          "Backdoor"
@ -5355,7 +5356,10 @@
        "refs": [
          "https://cdn.securelist.com/files/2017/08/ShadowPad_technical_description_PDF.pdf"
        ],
-        "synonyms":[ "POISONPLUG", "Barlaiy"]
+        "synonyms": [
+          "POISONPLUG",
+          "Barlaiy"
+        ]
      },
      "related": [
        {
@ -7864,11 +7868,14 @@
      "value": "Netscan"
    },
    {
-      "value":"ShadowHammer",
      "description": "Malware embedded in Asus Live Update in 2018. ShadowHammer triggers its malicious behavior only if the computer it is running on has a network adapter with the MAC address whitelisted by the attacker.",
      "meta": {
-        "refs": ["https://www.welivesecurity.com/wp-content/uploads/2019/10/ESET_Winnti.pdf"]
-      }
+        "refs": [
+          "https://www.welivesecurity.com/wp-content/uploads/2019/10/ESET_Winnti.pdf"
+        ]
+      },
+      "uuid": "c1815516-aa2a-43d2-9136-78a8feb054b6",
+      "value": "ShadowHammer"
    }
  ],
  "version": 127