MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: RANCOR group added

pull/235/head
Alexandre Dulaunoy 2018-07-03 11:16:19 +02:00
parent 1ae075acca
commit cd53272470
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
clusters/threat-actor.json
View File

@ -2711,6 +2711,16 @@
]
},
"uuid": "1533bc1a-745a-11e8-90e3-efa3e975fef3s"
},
{
"value": "RANCOR",
"description": "The Rancor groups attacks use two primary malware families which we describe in depth later in this blog and are naming DDKONG and PLAINTEE. DDKONG is used throughout the campaign and PLAINTEE appears to be new addition to these attackers toolkit.",
"meta": {
"refs": [
"https://researchcenter.paloaltonetworks.com/2018/06/unit42-rancor-targeted-attacks-south-east-asia-using-plaintee-ddkong-malware-families/"
]
},
"uuid": "14e7266a-6dd8-4000-8951-4bd93e357d4b"
}
],
"name": "Threat actor",
@ -2725,5 +2735,5 @@
],
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
"uuid": "7cdff317-a673-4474-84ec-4f1754947823",
"version": 43
"version": 44
}