MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #90 from Delta-Sierra/master 

add Adwind RAT synonyms
pull/91/head
Deborah Servili 2017-09-25 15:51:31 +02:00 committed by GitHub
parent 38f9d2cbfd fecfdd39f3
commit ecf91a5daa
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
clusters/rat.json
View File

@ -175,11 +175,17 @@
"meta": {
"synonyms": [
"UNRECOM",
"UNiversal REmote COntrol Multi-Platform"
"UNiversal REmote COntrol Multi-Platform",
"Frutas",
"AlienSpy",
"Unrecom",
"Jsocket",
"JBifrost"
],
"refs": [
"https://securelist.com/securelist/files/2016/02/KL_AdwindPublicReport_2016.pdf",
"https://www.f-secure.com/v-descs/backdoor_java_adwind.shtml"
"https://www.f-secure.com/v-descs/backdoor_java_adwind.shtml",
"https://blog.fortinet.com/2016/08/16/jbifrost-yet-another-incarnation-of-the-adwind-rat"
]
},
"description": "Backdoor:Java/Adwind is a Java archive (.JAR) file that drops a malicious component onto the machines and runs as a backdoor. When active, it is capable of stealing user information and may also be used to distribute other malware. ",