diff --git a/clusters/malpedia.json b/clusters/malpedia.json
index c4e4bfec..45b2c296 100644
--- a/clusters/malpedia.json
+++ b/clusters/malpedia.json
@@ -18809,7 +18809,24 @@
 },
 "uuid": "237a1c2e-fb14-583d-ab2c-71f10a52ec06",
 "value": "MedusaLocker"
+ },
+ {
+ "description": "Raccoon is a stealer and collects \"passwords, cookies and autofill from all popular browsers (including FireFox x64), CC data, system information, almost all existing desktop wallets of cryptocurrencies\".",
+ "meta": {
+ "refs": [
+ "https://malpedia.caad.fkie.fraunhofer.de/details/win.raccoon",
+ "https://www.secfreaks.gr/2019/12/in-depth-analysis-of-an-infostealer-raccoon.html",
+ "https://www.bitdefender.com/files/News/CaseStudies/study/289/Bitdefender-WhitePaper-Fallout.pdf",
+ "https://www.cybereason.com/blog/hunting-raccoon-stealer-the-new-masked-bandit-on-the-block"
+ ],
+ "synonyms": [
+ "Racoon"
+ ],
+ "type": []
+ },
+ "uuid": "10c03b2e-5e53-11ea-ac08-00163cdbc7b4",
+ "value": "Raccoon"
 }
 ],
- "version": 2561
+ "version": 2562
 }
diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 439c2b6c..72388a99 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -4472,7 +4472,8 @@
 "https://www.scmagazineuk.com/ocean-lotus-groupapt-32-identified-as-vietnamese-apt-group/article/663565/",
 "https://www.brighttalk.com/webcast/10703/261205",
 "https://github.com/eset/malware-research/tree/master/oceanlotus",
- "https://www.cfr.org/interactive/cyber-operations/ocean-lotus"
+ "https://www.cfr.org/interactive/cyber-operations/ocean-lotus",
+ "https://www.accenture.com/us-en/blogs/blogs-pond-loach-delivers-badcake-malware"
 ],
 "synonyms": [
 "OceanLotus Group",
@@ -4484,7 +4485,8 @@
 "Sea Lotus",
 "APT-32",
 "APT 32",
- "Ocean Buffalo"
+ "Ocean Buffalo",
+ "POND LOACH"
 ]
 },
 "related": [
@@ -7967,5 +7969,5 @@
 "value": "InvisiMole"
 }
 ],
- "version": 155
+ "version": 156
 }
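Review bot: In the clusters/malpedia.json hunk, the new Raccoon entry's `"uuid": "10c03b2e-5e53-11ea-ac08-00163cdbc7b4"` is a version-1 (time- and node-based) UUID, while the neighbouring MedusaLocker entry carries a version-5 (name-based) one. A v1 value encodes the creation timestamp and a node identifier of the machine that generated it, and it cannot match what a name-based derivation would produce for this family. If cluster UUIDs in this file are derived deterministically (only one neighbour is visible here, so that is an assumption), a later regeneration could assign a different UUID and break references that point at this cluster. I would replace it with `"uuid": "<UUID produced by the project's usual generator>"` before the entry is published. The hunk starts inside the preceding entry, so its `meta` cannot be compared against the new entry's empty `"type": []`.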