From f14d616e22049ce7dcbd3802568d4f204e6f8930 Mon Sep 17 00:00:00 2001 From: Christophe Vandeplas Date: Fri, 12 Oct 2018 11:00:00 +0200 Subject: [PATCH] chg: magical mapping with malpedia --- clusters/android.json | 164 +- clusters/backdoor.json | 13 +- clusters/banker.json | 408 +- clusters/botnet.json | 242 +- clusters/exploit-kit.json | 20 +- clusters/malpedia.json | 4036 ++++++++++++++++- clusters/microsoft-activity-group.json | 13 +- clusters/mitre-enterprise-attack-malware.json | 563 ++- clusters/mitre-enterprise-attack-tool.json | 38 +- clusters/mitre-malware.json | 397 +- .../mitre-mobile-attack-intrusion-set.json | 18 +- clusters/mitre-mobile-attack-malware.json | 61 +- clusters/mitre-mobile-attack-tool.json | 18 +- clusters/mitre-tool.json | 38 +- clusters/ransomware.json | 507 ++- clusters/rat.json | 318 +- clusters/stealer.json | 13 +- clusters/threat-actor.json | 13 +- clusters/tool.json | 1114 ++++- tools/gen_mapping.py | 4 +- 20 files changed, 7959 insertions(+), 39 deletions(-) diff --git a/clusters/android.json b/clusters/android.json index 93c0517..a2778f4 100644 --- a/clusters/android.json +++ b/clusters/android.json @@ -29,6 +29,15 @@ "GhostCtrl" ] }, + "related": [ + { + "dest-uuid": "3b6c1771-6d20-4177-8be0-12116e254bf5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a01e1d0b-5303-4d11-94dc-7db74f3d599d", "value": "Andr/Dropr-FH" }, @@ -50,6 +59,15 @@ "https://www.bleepingcomputer.com/news/security/researchers-discover-new-android-banking-trojan/" ] }, + "related": [ + { + "dest-uuid": "e9aaab46-abb1-4390-b37b-d0457d05b28f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d10f8cd5-0077-4d8f-9145-03815a68dd33", "value": "RedAlert2" }, @@ -70,6 +88,15 @@ "https://www.welivesecurity.com/2017/10/13/doublelocker-innovative-android-malware/" ] }, + "related": [ + { + "dest-uuid": "10d0115a-00b4-414e-972b-8320a2bb873c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6671bb0b-4fab-44a7-92f9-f641a887a0aa", "value": "DoubleLocker" }, @@ -91,6 +118,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d99c0a47-9d61-4d92-86ec-86a87b060d76", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "426ead34-b3e6-45c7-ba22-5b8f3b8214bd", @@ -103,6 +137,29 @@ "https://clientsidedetection.com/lokibot___the_first_hybrid_android_malware.html" ] }, + "related": [ + { + "dest-uuid": "a6f481fe-b6db-4507-bb3c-28f10d800e2f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "b8fa5036-813f-4887-b4d4-bb17b4a7eba0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "4793a29b-1191-4750-810e-9301a6576fc4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "fbda9705-677b-4c5b-9b0b-13b52eff587c", "value": "LokiBot" }, @@ -115,6 +172,15 @@ "https://blog.avast.com/mobile-banking-trojan-sneaks-into-google-play-targeting-wells-fargo-chase-and-citibank-customers" ] }, + "related": [ + { + "dest-uuid": "85975621-5126-40cb-8083-55cbfa75121b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "4ed03b03-a34f-4583-9db1-6c58a4bd952b", "value": "BankBot" }, @@ -188,6 +254,15 @@ "https://www.symantec.com/security_response/writeup.jsp?docid=2017-090410-0547-99" ] }, + "related": [ + { + "dest-uuid": "e3e90666-bc19-4741-aca8-1e4cbc2f4c9e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "60857664-0671-4b12-ade9-86ee6ecb026a", "value": "Switcher" }, @@ -259,6 +334,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d87e2574-7b9c-4ea7-98eb-88f3e139f6ff", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "3d3aa832-8847-47c5-9e31-ef13ab7ab6fb", @@ -311,6 +393,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "8eb9d4aa-257a-45eb-8c65-95c18500171c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "ce1a9641-5bb8-4a61-990a-870e9ef36ac1", @@ -762,6 +851,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d87e2574-7b9c-4ea7-98eb-88f3e139f6ff", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "620981e8-49c8-486a-b30c-359702c8ffbc", @@ -1094,6 +1190,22 @@ "https://www.symantec.com/security_response/writeup.jsp?docid=2015-071409-0636-99" ] }, + "related": [ + { + "dest-uuid": "4b2ab902-811e-4b50-8510-43454d77d027", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "c359c74e-4155-4e66-a344-b56947f75119", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "c17f6e4b-70c5-42f8-a91b-19d73485bd04", "value": "Crisis" }, @@ -3349,6 +3461,15 @@ "https://www.symantec.com/security_response/writeup.jsp?docid=2016-062710-0328-99" ] }, + "related": [ + { + "dest-uuid": "db3dcfd1-79d2-4c91-898f-5f2463d7c417", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "05f5a051-d7a2-4757-a2f0-d685334d9374", "value": "Rootnik" }, @@ -3660,6 +3781,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "8eb9d4aa-257a-45eb-8c65-95c18500171c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "dadccdda-a4c2-4021-90b9-61a394e602be", @@ -3714,6 +3842,20 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d26b5518-8d7f-41a6-b539-231e4962853e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "6bd20349-1231-4aaa-ba2a-f4b09d3b344c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "df36267b-7267-4c23-a7a1-cf94ef1b3729", @@ -4482,6 +4624,15 @@ "https://www.bleepingcomputer.com/news/security/new-mysterybot-android-malware-packs-a-banking-trojan-keylogger-and-ransomware/" ] }, + "related": [ + { + "dest-uuid": "0a53ace4-98ae-442f-be64-b8e373948bde", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "53e2e7e8-70a8-11e8-b0f8-33fcf651adaf", "value": "MysteryBot" }, @@ -4492,6 +4643,15 @@ "https://securelist.com/skygofree-following-in-the-footsteps-of-hackingteam/83603/" ] }, + "related": [ + { + "dest-uuid": "f5fded3c-8f45-471a-a372-d8be101e1b22", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "3e19d162-9ee1-11e8-b8d7-d32141691f1f", "value": "Skygofree" }, @@ -4516,5 +4676,5 @@ "value": "Triout" } ], - "version": 14 -} + "version": 15 +} \ No newline at end of file diff --git a/clusters/backdoor.json b/clusters/backdoor.json index 0908426..356b280 100644 --- a/clusters/backdoor.json +++ b/clusters/backdoor.json @@ -16,6 +16,15 @@ "https://blog.jpcert.or.jp/2018/07/malware-wellmes-9b78.html" ] }, + "related": [ + { + "dest-uuid": "d84ebd91-58f6-459f-96a1-d028a1719914", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e0e79fab-0f1d-4fc2-b424-208cb019a9cd", "value": "WellMess" }, @@ -33,5 +42,5 @@ "value": "Rosenbridge" } ], - "version": 2 -} + "version": 3 +} \ No newline at end of file diff --git a/clusters/banker.json b/clusters/banker.json index cbd6854..55116ae 100644 --- a/clusters/banker.json +++ b/clusters/banker.json @@ -34,6 +34,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "4e8c1ab7-2841-4823-a5d1-39284fb0969a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "f0ec2df5-2e38-4df3-970d-525352006f2e", @@ -60,6 +67,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "b662c253-5c87-4ae6-a30e-541db0845f67", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "f3813bbd-682c-400d-8165-778be6d3f91f", @@ -91,6 +105,20 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "b4216929-1626-4444-bdd7-bfd4b68a766e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "66781866-f064-467d-925d-5e5f290352f0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "44754726-e1d5-4e5f-a113-234c4a8ca65e", @@ -119,6 +147,20 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "75329c9e-a218-4299-87b2-8f667cd9e40c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "4f3ad937-bf2f-40cb-9695-a2bedfd41bfa", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "b9448d2a-a23c-4bf2-92a1-d860716ba2f3", @@ -151,6 +193,22 @@ "https://lokalhost.pl/gozi_tree.txt" ] }, + "related": [ + { + "dest-uuid": "a171321e-4968-4ac0-8497-3250c1f0d77d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "0f96a666-bf26-44e0-8ad6-f2136208c924", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ffbbbc14-1cdb-4be9-a631-ed53c5407369", "value": "Gozi ISFB" }, @@ -176,6 +234,22 @@ "http://archive.is/I7hi8#selection-217.0-217.6" ] }, + "related": [ + { + "dest-uuid": "a171321e-4968-4ac0-8497-3250c1f0d77d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "ffbbbc14-1cdb-4be9-a631-ed53c5407369", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "0f96a666-bf26-44e0-8ad6-f2136208c924", "value": "IAP" }, @@ -203,6 +277,15 @@ "Zeus Terdot" ] }, + "related": [ + { + "dest-uuid": "13236f94-802b-4abc-aaa9-cb80cf4df9ed", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "2eb658ed-aff4-4253-a21f-9059b133ce17", "value": "Zloader Zeus" }, @@ -218,6 +301,15 @@ "VM Zeus" ] }, + "related": [ + { + "dest-uuid": "c32740a4-db2c-4d71-80bd-7377185f4a6f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "09d1cad8-6b06-48d7-a968-5b17bbe9ca65", "value": "Zeus VM" }, @@ -229,6 +321,15 @@ "https://securityintelligence.com/brazil-cant-catch-a-break-after-panda-comes-the-sphinx/" ] }, + "related": [ + { + "dest-uuid": "997c20b0-0992-498a-b69d-fc16ab2fd4e4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "8914802c-3aca-4a0d-874a-85ac7a1bc505", "value": "Zeus Sphinx" }, @@ -261,6 +362,15 @@ "Maple" ] }, + "related": [ + { + "dest-uuid": "07f6bbff-a09a-4580-96ea-62795a8dae11", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "bc0be3a4-89d8-4c4c-b2aa-2dddbed1f71d", "value": "Zeus KINS" }, @@ -276,6 +386,15 @@ "Chtonic" ] }, + "related": [ + { + "dest-uuid": "9441a589-e23d-402d-9603-5e55e3e33971", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6deb9f26-969b-45aa-9222-c23663fd6ef8", "value": "Chthonic" }, @@ -294,6 +413,22 @@ "Trickloader" ] }, + "related": [ + { + "dest-uuid": "a7dbd72f-8d53-48c6-a9db-d16e7648b2d4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "c824813c-9c79-4917-829a-af72529e8329", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "07e3260b-d80c-4c86-bd28-8adc111bbec6", "value": "Trickbot" }, @@ -316,6 +451,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "1ecbcd20-f238-47ef-874b-08ef93266395", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "15e969e6-f031-4441-a49b-f401332e4b00", @@ -351,6 +493,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "5eee35b6-bd21-4b67-b198-e9320fcf2c88", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "5594b171-32ec-4145-b712-e7701effffdd", @@ -376,6 +525,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d29eb927-d53d-4af2-b6ce-17b3a1b34fe7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "8e002f78-7fb8-4e70-afd7-0b4ac655be26", @@ -409,6 +565,27 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "b4216929-1626-4444-bdd7-bfd4b68a766e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "66781866-f064-467d-925d-5e5f290352f0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "16794655-c0e2-4510-9169-f862df104045", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "7ca93488-c357-44c3-b246-3f88391aca5a", @@ -432,6 +609,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "542161c0-47a4-4297-baca-5ed98386d228", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "7e2288ec-e7d4-4833-9245-a2bc5ae40ee2", @@ -465,6 +649,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "2ccaccd0-8362-4224-8497-2012e7cc7549", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "b2ec1f16-2a76-4910-adc5-ecb3570e7c1a", @@ -480,6 +671,15 @@ "https://malwarebreakdown.com/2017/09/11/re-details-malspam-downloads-corebot-banking-trojan/" ] }, + "related": [ + { + "dest-uuid": "495377c4-1be5-4c65-ba66-94c221061415", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "8a3d46db-d3b4-4f89-99e2-d1f0de3f484c", "value": "Corebot" }, @@ -508,6 +708,20 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "4cfa42a3-71d9-43e2-bf23-daa79f326387", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "5a78ec38-8b93-4dde-a99e-0c9b77674838", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "e683cd91-40b4-4e1c-be25-34a27610a22e", @@ -529,6 +743,29 @@ "Werdlod" ] }, + "related": [ + { + "dest-uuid": "22ef1e56-7778-41d1-9b2b-737aa5bf9777", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "80acc956-d418-42e3-bddf-078695a01289", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "e159c4f8-3c22-49f9-a60a-16588a9c22b0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "87b69cb4-8b65-47ee-91b0-9b1decdd5c5c", "value": "Retefe" }, @@ -543,6 +780,15 @@ "http://blog.trendmicro.com/trendlabs-security-intelligence/rovnix-infects-systems-with-password-protected-macros/" ] }, + "related": [ + { + "dest-uuid": "9d58d94f-6885-4a38-b086-b9978ac62c1f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d939e802-acb2-4881-bdaf-ece1eccf5699", "value": "ReactorBot" }, @@ -554,6 +800,15 @@ "https://www.arbornetworks.com/blog/asert/another-banker-enters-matrix/" ] }, + "related": [ + { + "dest-uuid": "59717468-271e-4d15-859a-130681c17ddb", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "aa3fc68c-413c-4bfb-b4cd-bca7094da985", "value": "Matrix Banker" }, @@ -592,6 +847,15 @@ "https://securityintelligence.com/cybercriminals-use-citadel-compromise-password-management-authentication-solutions/" ] }, + "related": [ + { + "dest-uuid": "7f550cae-98b7-4a0c-bed2-d79227dc6310", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "9eb89081-3245-423a-995f-c1d78ce39619", "value": "Citadel" }, @@ -615,6 +879,15 @@ "https://securelist.com/ice-ix-not-cool-at-all/29111/ " ] }, + "related": [ + { + "dest-uuid": "44a1706e-f6dc-43ea-ac85-9a4f2407b9a3", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "1d4a5704-c6fb-4bbb-92b2-88dc67f86339", "value": "Ice IX" }, @@ -642,6 +915,15 @@ "Murofet" ] }, + "related": [ + { + "dest-uuid": "f7081626-130a-48d5-83a9-759b3ef198ec", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "0b097926-2e1a-4134-8ab9-4c16d0cca0fc", "value": "Licat" }, @@ -666,6 +948,15 @@ "http://blog.talosintelligence.com/2018/04/icedid-banking-trojan.html" ] }, + "related": [ + { + "dest-uuid": "26f5afaf-0bd7-4741-91ab-917bdd837330", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "9d67069c-b778-486f-8158-53f5dcd05d08", "value": "IcedID" }, @@ -695,6 +986,29 @@ "https://objective-see.com/blog/blog_0x25.html#Dok" ] }, + "related": [ + { + "dest-uuid": "22ef1e56-7778-41d1-9b2b-737aa5bf9777", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "80acc956-d418-42e3-bddf-078695a01289", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "87b69cb4-8b65-47ee-91b0-9b1decdd5c5c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e159c4f8-3c22-49f9-a60a-16588a9c22b0", "value": "Dok" }, @@ -719,6 +1033,15 @@ "lsmo" ] }, + "related": [ + { + "dest-uuid": "26b91007-a8ae-4e32-bd99-292e44735c3d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f93acc85-8d2c-41e0-b0c5-47795b8c6194", "value": "Smominru" }, @@ -729,6 +1052,15 @@ "https://www.proofpoint.com/us/threat-insight/post/danabot-new-banking-trojan-surfaces-down-under-0" ] }, + "related": [ + { + "dest-uuid": "4f7decd4-054b-4dd7-89cc-9bdb248f7c8a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "844417c6-a404-4c4e-8e93-84db596d725b", "value": "DanaBot" }, @@ -754,6 +1086,15 @@ "Shiotob" ] }, + "related": [ + { + "dest-uuid": "ed9f995b-1b41-4b83-a978-d956670fdfbe", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "67a1a317-9f79-42bd-a4b2-fa1867d37d27", "value": "Bebloh" }, @@ -768,6 +1109,15 @@ "BackPatcher" ] }, + "related": [ + { + "dest-uuid": "137cde28-5c53-489b-ad0b-d0fa2e342324", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f68555ff-6fbd-4f5a-bc23-34996f629c52", "value": "Banjori" }, @@ -777,6 +1127,15 @@ "https://www.countercept.com/our-thinking/decrypting-qadars-banking-trojan-c2-traffic/" ] }, + "related": [ + { + "dest-uuid": "080b2071-2d69-4b76-962e-3d0142074bcb", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a717c873-6670-447a-ba98-90db6464c07d", "value": "Qadars" }, @@ -795,6 +1154,15 @@ "https://www.johannesbader.ch/2016/06/the-dga-of-sisron/" ] }, + "related": [ + { + "dest-uuid": "5d9a27e7-3110-470a-ac0d-2bf00cac7846", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6720f960-0382-479b-a0f8-f9e008995af4", "value": "Ranbyus" }, @@ -804,6 +1172,15 @@ "https://searchfinancialsecurity.techtarget.com/news/4500249201/Fobber-Drive-by-financial-malware-returns-with-new-tricks" ] }, + "related": [ + { + "dest-uuid": "bb836040-c161-4932-8f89-bc2ca2e8c1c0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "da124511-463c-4514-ad05-7ec8db1b38aa", "value": "Fobber" }, @@ -814,6 +1191,15 @@ "https://research.checkpoint.com/banking-trojans-development/" ] }, + "related": [ + { + "dest-uuid": "8a01c3be-17b7-4e5a-b0b2-6c1f5ccb82cf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a088c428-d0bb-49c8-9ed7-dcced0c74754", "value": "Karius" }, @@ -826,6 +1212,15 @@ "https://www.bleepingcomputer.com/news/security/new-version-of-the-kronos-banking-trojan-discovered/" ] }, + "related": [ + { + "dest-uuid": "62a7c823-9af0-44ee-ac05-8765806d2a17", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "5b42af8e-8fdc-11e8-bf48-f32ff64d5502", "value": "Kronos" }, @@ -836,9 +1231,18 @@ "https://www.bleepingcomputer.com/news/security/new-banking-trojan-poses-as-a-security-module/ " ] }, + "related": [ + { + "dest-uuid": "ecac83ab-cd64-4def-979a-40aeeca0400b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "2fafe8b2-b0db-11e8-a81e-4b62ee50bd87", "value": "CamuBot" } ], - "version": 13 -} + "version": 14 +} \ No newline at end of file diff --git a/clusters/botnet.json b/clusters/botnet.json index e85ebad..eb0a10b 100644 --- a/clusters/botnet.json +++ b/clusters/botnet.json @@ -31,6 +31,15 @@ "Lodeight" ] }, + "related": [ + { + "dest-uuid": "f09af1cc-cf9d-499a-9026-e783a3897508", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d530ea76-9bbc-4276-a2e3-df04e0e5a14c", "value": "Bagle" }, @@ -72,6 +81,15 @@ "Anserin" ] }, + "related": [ + { + "dest-uuid": "ad5bcaef-1a86-4cc7-8f2e-32306b995018", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "415a3667-4ac4-4718-a6ea-617540a4abb1", "value": "Torpig" }, @@ -104,6 +122,15 @@ "Costrat" ] }, + "related": [ + { + "dest-uuid": "76e98e04-0ab7-4000-80ee-7bcbcf9c110d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "9bca63cc-f0c7-4704-9c5f-b5bf473a9b43", "value": "Rustock" }, @@ -117,6 +144,15 @@ "Bachsoy" ] }, + "related": [ + { + "dest-uuid": "69a3e0ed-1727-4a9c-ae21-1e32322ede93", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "27a7fd9b-ec9a-4f4a-b3f5-a3b81c71970a", "value": "Donbot" }, @@ -132,6 +168,15 @@ "Mutant" ] }, + "related": [ + { + "dest-uuid": "9e8655fc-5bba-4efd-b3c0-db89ee2e0e0b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "35e25aad-7c39-4a1d-aa17-73fa638362e8", "value": "Cutwail" }, @@ -157,6 +202,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "2ccaccd0-8362-4224-8497-2012e7cc7549", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "6e1168e6-7768-4fa2-951f-6d6934531633", @@ -185,6 +237,15 @@ "https://en.wikipedia.org/wiki/Lethic_botnet" ] }, + "related": [ + { + "dest-uuid": "342f5c56-861c-4a06-b5db-85c3c424f51f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a73e150f-1431-4f72-994a-4000405eff07", "value": "Lethic" }, @@ -218,6 +279,15 @@ "Kukacka" ] }, + "related": [ + { + "dest-uuid": "cf752563-ad8a-4286-b2b3-9acf24a0a09a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6fe5f49d-48b5-4dc2-92f7-8c94397b9c96", "value": "Sality" }, @@ -246,6 +316,15 @@ "Kido" ] }, + "related": [ + { + "dest-uuid": "5f638985-49e1-4059-b2eb-f2ffa397b212", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ab49815e-8ba6-41ec-9f51-8a9587334069", "value": "Conficker" }, @@ -294,6 +373,15 @@ "Mondera" ] }, + "related": [ + { + "dest-uuid": "53e617fc-d71e-437b-a1a1-68b815d1ff49", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ca11e3f2-cda1-45dc-bed1-8708fa9e27a6", "value": "Gheg" }, @@ -329,6 +417,15 @@ "Hydraflux" ] }, + "related": [ + { + "dest-uuid": "ba557993-f64e-4538-8f13-dafaa3c0db00", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "0d58f329-1356-468c-88ab-e21fbb64c02b", "value": "Asprox" }, @@ -480,6 +577,15 @@ "Alureon" ] }, + "related": [ + { + "dest-uuid": "ad4e6779-59a6-4ad6-98de-6bd871ddb271", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "61a17703-7837-4cc9-b022-b5ed6b30efc1", "value": "TDL4" }, @@ -512,6 +618,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "4e8c1ab7-2841-4823-a5d1-39284fb0969a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "e878d24d-f122-48c4-930c-f6b6d5f0ee28", @@ -528,6 +641,15 @@ "Hlux" ] }, + "related": [ + { + "dest-uuid": "7d69892e-d582-4545-8798-4a9a84a821ea", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "07b10419-e8b5-4b5f-a179-77fc9b127dc6", "value": "Kelihos" }, @@ -546,6 +668,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "542161c0-47a4-4297-baca-5ed98386d228", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "8ed81090-f098-4878-b87e-2d801b170759", @@ -605,6 +734,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "variant-of" + }, + { + "dest-uuid": "17e12216-a303-4a00-8283-d3fe92d0934c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "fcdfd4af-da35-49a8-9610-19be8a487185", @@ -638,6 +774,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "9e5d83a8-1181-43fe-a77f-28c8c75ffbd0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "e77cf495-632a-4459-aad1-cdf29d73683f", @@ -647,6 +790,15 @@ "meta": { "date": "April 2017" }, + "related": [ + { + "dest-uuid": "837c5618-69dc-4817-8672-b3d7ae644f5c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "3d7c771b-b175-41c9-8ba1-904ef29715fa", "value": "BetaBot" }, @@ -659,6 +811,15 @@ "https://securelist.com/hajime-the-mysterious-evolving-botnet/78160/" ] }, + "related": [ + { + "dest-uuid": "ff8ee85f-4175-4f5a-99e5-0cbc378f1489", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "383fd414-3805-11e8-ac12-c7b5af38ff67", "value": "Hajime" }, @@ -685,6 +846,15 @@ "Hide 'N Seek" ] }, + "related": [ + { + "dest-uuid": "41bf8f3e-bb6a-445d-bb74-d08aae61a94b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "cdf1148c-5358-11e8-87e5-ab60d455597f", "value": "Hide and Seek" }, @@ -727,6 +897,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "variant-of" + }, + { + "dest-uuid": "ec67f206-6464-48cf-a012-3cdfc1278488", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "f24ad5ca-04c5-4cd0-bd72-209ebce4fdbc", @@ -797,6 +974,15 @@ "https://labs.bitdefender.com/2013/12/in-depth-analysis-of-pushdo-botnet/" ] }, + "related": [ + { + "dest-uuid": "b39ffc73-db5f-4a8a-acd2-bee958d69155", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "94d12a03-6ae8-4006-a98f-80c15e6f95c0", "value": "Pushdo" }, @@ -806,6 +992,15 @@ "https://www.us-cert.gov/ncas/alerts/TA15-105A" ] }, + "related": [ + { + "dest-uuid": "467ee29c-317f-481a-a77c-69961eb88c4d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "347e7a64-8ee2-487f-bcb3-ca7564fa836c", "value": "Simda" }, @@ -815,6 +1010,15 @@ "https://en.wikipedia.org/wiki/Virut" ] }, + "related": [ + { + "dest-uuid": "2e99f27c-6791-4695-b88b-de4d4cbda8d6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "cc1432a1-6580-4338-b119-a43236528ea1", "value": "Virut" }, @@ -852,6 +1056,22 @@ "Bashlite" ] }, + "related": [ + { + "dest-uuid": "5fe338c6-723e-43ed-8165-43d95fa93689", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "81917a93-6a70-4334-afe2-56904c1fafe9", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "40795af6-b721-11e8-9fcb-570c0b384135", "value": "Gafgyt" }, @@ -899,6 +1119,15 @@ "https://www.bleepingcomputer.com/news/security/new-iot-botnet-torii-uses-six-methods-for-persistence-has-no-clear-purpose/" ] }, + "related": [ + { + "dest-uuid": "a874575e-0ad7-464d-abb6-8f4b7964aa92", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "92f38212-94e2-4d70-9b5e-e977eb1e7b79", "value": "Torii" }, @@ -909,9 +1138,18 @@ "https://blog.trendmicro.com/trendlabs-security-intelligence/persirai-new-internet-things-iot-botnet-targets-ip-cameras/" ] }, + "related": [ + { + "dest-uuid": "2ee05352-3d4a-448b-825d-9d6c10792bf7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e3e91fe2-c7ce-11e8-8e85-6bc15cd2a63c", "value": "Persirai" } ], - "version": 15 -} + "version": 16 +} \ No newline at end of file diff --git a/clusters/exploit-kit.json b/clusters/exploit-kit.json index 9b7e91a..d647bf4 100644 --- a/clusters/exploit-kit.json +++ b/clusters/exploit-kit.json @@ -287,6 +287,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "5eee35b6-bd21-4b67-b198-e9320fcf2c88", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "96b2b31e-b191-43c4-9929-48ba1cbee62c", @@ -570,6 +577,15 @@ "Neutrino-v" ] }, + "related": [ + { + "dest-uuid": "3760920e-4d1a-40d8-9e60-508079499076", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "218ae39b-2f92-4355-91c6-50cce319d26d", "value": "Neutrino" }, @@ -745,5 +761,5 @@ "value": "Unknown" } ], - "version": 10 -} + "version": 11 +} \ No newline at end of file diff --git a/clusters/malpedia.json b/clusters/malpedia.json index 37cb020..9d9eb81 100644 --- a/clusters/malpedia.json +++ b/clusters/malpedia.json @@ -35,6 +35,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a3dad2be-ce62-4440-953b-00fbce7aba93", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "80447111-8085-40a4-a052-420926091ac6", "value": "AndroRAT" }, @@ -80,6 +89,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "4ed03b03-a34f-4583-9db1-6c58a4bd952b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "85975621-5126-40cb-8083-55cbfa75121b", "value": "BankBot" }, @@ -108,6 +126,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d1c600f8-0fb6-4367-921b-85b71947d950", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6e0545df-8df6-4990-971c-e96c4c60d561", "value": "Charger" }, @@ -128,6 +155,29 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "33d9d91d-aad9-49d5-a516-220ce101ac8a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "9d7c772b-43f1-49cf-bc70-7a7cd2ed34c8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "93799a9d-3537-43d8-b6f4-17215de1657c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "52acea22-7d88-433c-99e6-8fef1657e3ad", "value": "Chrysaor" }, @@ -156,6 +206,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "e186384b-8001-4cdd-b170-1548deb8bf04", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "93b1c63a-4a34-44fd-805b-0a3470ff7e6a", "value": "Connic" }, @@ -182,6 +241,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "6671bb0b-4fab-44a7-92f9-f641a887a0aa", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "10d0115a-00b4-414e-972b-8320a2bb873c", "value": "DoubleLocker" }, @@ -195,6 +263,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "507fe748-5e4a-4b45-9e9f-8b1115f4e878", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "8269e779-db23-4c94-aafb-36ee94879417", "value": "DualToy" }, @@ -221,6 +298,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "f691663a-b360-4c0d-a4ee-e9203139c38e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "c9f2b058-6c22-462a-a20a-fca933a597dd", "value": "ExoBot" }, @@ -262,6 +348,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a01e1d0b-5303-4d11-94dc-7db74f3d599d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "3b6c1771-6d20-4177-8be0-12116e254bf5", "value": "GhostCtrl" }, @@ -318,6 +413,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "1cc8963b-5ad4-4e19-8e9a-57b0ff1ef926", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "8804e02c-a139-4c3d-8901-03302ca1faa0", "value": "JadeRAT" }, @@ -384,6 +488,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "b8fa5036-813f-4887-b4d4-bb17b4a7eba0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "fbda9705-677b-4c5b-9b0b-13b52eff587c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a6f481fe-b6db-4507-bb3c-28f10d800e2f", "value": "Loki" }, @@ -397,6 +517,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "b8fa5036-813f-4887-b4d4-bb17b4a7eba0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "fbda9705-677b-4c5b-9b0b-13b52eff587c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "4793a29b-1191-4750-810e-9301a6576fc4", "value": "LokiBot" }, @@ -414,6 +550,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "c9f2b058-6c22-462a-a20a-fca933a597dd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f691663a-b360-4c0d-a4ee-e9203139c38e", "value": "Marcher" }, @@ -441,6 +586,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "53e2e7e8-70a8-11e8-b0f8-33fcf651adaf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "0a53ace4-98ae-442f-be64-b8e373948bde", "value": "MysteryBot" }, @@ -455,6 +609,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "f091dfcb-07f4-4414-849e-c644e7327d94", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ec936d58-6607-4e33-aa97-0e587bbbdda5", "value": "OmniRAT" }, @@ -471,6 +634,36 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "ccd61dfc-b03f-4689-8c18-7c97eab08472", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "56660521-6db4-4e5a-a927-464f22954b7c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "0a32ceea-fa66-47ab-8bde-150dbd6d2e40", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "3e2c99f9-66cd-48be-86e9-d7c1c164d87c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "0a7d9d22-a26d-4a2b-ab9b-b296176c3ecf", "value": "X-Agent" }, @@ -510,6 +703,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d10f8cd5-0077-4d8f-9145-03815a68dd33", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e9aaab46-abb1-4390-b37b-d0457d05b28f", "value": "RedAlert2" }, @@ -528,6 +730,29 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "80acc956-d418-42e3-bddf-078695a01289", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "87b69cb4-8b65-47ee-91b0-9b1decdd5c5c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "e159c4f8-3c22-49f9-a60a-16588a9c22b0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "22ef1e56-7778-41d1-9b2b-737aa5bf9777", "value": "Retefe" }, @@ -542,6 +767,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "f35f219a-6eed-11e8-980a-93bb96299951", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "31d2ce1f-44bf-4738-a41d-ddb43466cd82", "value": "Roaming Mantis" }, @@ -556,6 +790,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "05f5a051-d7a2-4757-a2f0-d685334d9374", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "db3dcfd1-79d2-4c91-898f-5f2463d7c417", "value": "Rootnik" }, @@ -570,6 +813,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "3e19d162-9ee1-11e8-b8d7-d32141691f1f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f5fded3c-8f45-471a-a372-d8be101e1b22", "value": "Skygofree" }, @@ -586,6 +838,29 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "f8047de2-fefc-4ee0-825b-f1fae4b20c09", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "3d3aa832-8847-47c5-9e31-ef13ab7ab6fb", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "620981e8-49c8-486a-b30c-359702c8ffbc", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d87e2574-7b9c-4ea7-98eb-88f3e139f6ff", "value": "Slempo" }, @@ -625,6 +900,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "93b1c63a-4a34-44fd-805b-0a3470ff7e6a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e186384b-8001-4cdd-b170-1548deb8bf04", "value": "SpyBanker" }, @@ -638,6 +922,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "ea727e26-b3de-44f8-86c5-11a912c7a8aa", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "31592c69-d540-4617-8253-71ae0c45526c", "value": "SpyNote" }, @@ -677,6 +970,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a33df440-f112-4a5e-a290-3c65dae6091d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "426ead34-b3e6-45c7-ba22-5b8f3b8214bd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d99c0a47-9d61-4d92-86ec-86a87b060d76", "value": "Svpeng" }, @@ -690,6 +999,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "60857664-0671-4b12-ade9-86ee6ecb026a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e3e90666-bc19-4741-aca8-1e4cbc2f4c9e", "value": "Switcher" }, @@ -830,6 +1148,29 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "da21929e-40c0-443d-bdf4-6b60d15448b4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "5a78ec38-8b93-4dde-a99e-0c9b77674838", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "e683cd91-40b4-4e1c-be25-34a27610a22e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "4cfa42a3-71d9-43e2-bf23-daa79f326387", "value": "Xbot" }, @@ -908,6 +1249,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "5fe338c6-723e-43ed-8165-43d95fa93689", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "40795af6-b721-11e8-9fcb-570c0b384135", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "81917a93-6a70-4334-afe2-56904c1fafe9", "value": "Bashlite" }, @@ -983,6 +1340,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "ee73e375-3ac2-4ce0-b24b-74fd82d52864", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "479353aa-c6d7-47a7-b5f0-3f97fd904864", "value": "Erebus" }, @@ -1016,6 +1382,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "383fd414-3805-11e8-ac12-c7b5af38ff67", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ff8ee85f-4175-4f5a-99e5-0cbc378f1489", "value": "Hajime" }, @@ -1049,6 +1424,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "cdf1148c-5358-11e8-87e5-ab60d455597f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "41bf8f3e-bb6a-445d-bb74-d08aae61a94b", "value": "Hide and Seek" }, @@ -1143,6 +1527,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "dcbf1aaa-1fdd-4bfc-a35e-145ffdfb5ac5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "fcdfd4af-da35-49a8-9610-19be8a487185", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "17e12216-a303-4a00-8283-d3fe92d0934c", "value": "Mirai" }, @@ -1203,6 +1603,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "f24ad5ca-04c5-4cd0-bd72-209ebce4fdbc", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ec67f206-6464-48cf-a012-3cdfc1278488", "value": "Owari" }, @@ -1231,6 +1640,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "e3e91fe2-c7ce-11e8-8e85-6bc15cd2a63c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "2ee05352-3d4a-448b-825d-9d6c10792bf7", "value": "Persirai" }, @@ -1289,6 +1707,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "1ad4697b-3388-48ed-8621-85abebf5dbbf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "e77cf495-632a-4459-aad1-cdf29d73683f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "9e5d83a8-1181-43fe-a77f-28c8c75ffbd0", "value": "Satori" }, @@ -1341,6 +1775,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "f258f96c-8281-4b24-8aa7-4e23d1a5540e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "275d65b9-0894-4c9b-a255-83daddb2589c", "value": "SSHDoor" }, @@ -1367,6 +1810,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "92f38212-94e2-4d70-9b5e-e977eb1e7b79", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a874575e-0ad7-464d-abb6-8f4b7964aa92", "value": "Torii" }, @@ -1426,6 +1878,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "3d8e547d-9456-4f32-a895-dc86134e282f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "2a18f5dd-40fc-444b-a7c6-85f94b3eee13", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "637000f7-4363-44e0-b795-9cfb7a3dc460", "value": "Umbreon" }, @@ -1493,6 +1961,36 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "ccd61dfc-b03f-4689-8c18-7c97eab08472", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "56660521-6db4-4e5a-a927-464f22954b7c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "0a32ceea-fa66-47ab-8bde-150dbd6d2e40", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "3e2c99f9-66cd-48be-86e9-d7c1c164d87c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "0a7d9d22-a26d-4a2b-ab9b-b296176c3ecf", "value": "X-Agent" }, @@ -1549,6 +2047,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "507fe748-5e4a-4b45-9e9f-8b1115f4e878", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "8269e779-db23-4c94-aafb-36ee94879417", "value": "DualToy" }, @@ -1575,6 +2082,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "326eaf7b-5784-4f08-8fc2-61fd5d5bc5fb", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "bc32df24-8e80-44bc-80b0-6a4d55661aa5", "value": "WireLurker" }, @@ -1600,6 +2116,36 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "b76d9845-815c-4e77-9538-6b737269da2f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "ab4694d6-7043-41f2-b328-d93bec9c1b22", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "ce1a9641-5bb8-4a61-990a-870e9ef36ac1", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "dadccdda-a4c2-4021-90b9-61a394e602be", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "8eb9d4aa-257a-45eb-8c65-95c18500171c", "value": "AdWind" }, @@ -1633,6 +2179,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "1df62d96-88f8-473c-94a2-252eb360ba62", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f2a9f583-b4dd-4669-8808-49c8bbacc376", "value": "jRAT" }, @@ -1646,6 +2201,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "669a0e4d-9760-49fc-bdf5-0471f84e0c76", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ff24997d-1f17-4f00-b9b8-b3392146540f", "value": "jSpy" }, @@ -1690,6 +2254,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a51f07ae-ab2c-45ee-aa9c-1db7873e7bb4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "da032a95-b02a-4af2-b563-69f686653af4", "value": "Ratty" }, @@ -1703,6 +2276,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "06d735e7-1db1-4dbe-ab4b-acbe419f902b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "fd419da6-5c0d-461e-96ee-64397efac63b", "value": "AIRBREAK" }, @@ -1716,6 +2298,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "81faf0c1-0595-436b-a66a-05d8b435bccd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "fb75a753-24ba-4b58-b7ed-2e39b0c68c65", "value": "Bateleur" }, @@ -1942,6 +2533,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "5bc62523-dc80-46b4-b5cb-9caf44c11552", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "74360d1e-8f85-44d1-8ce7-e76afb652142", "value": "CpuMeaner" }, @@ -1972,6 +2572,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "c359c74e-4155-4e66-a344-b56947f75119", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "c17f6e4b-70c5-42f8-a91b-19d73485bd04", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "4b2ab902-811e-4b50-8510-43454d77d027", "value": "Crisis" }, @@ -2061,6 +2677,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "6a6525b9-4656-4973-ab45-588592395d0c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a517cdd1-6c82-4b29-bdd2-87e281227597", "value": "FruitFly" }, @@ -2105,6 +2730,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "63292b32-9867-4fb2-9e59-d4983d4fd5d1", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "01643bc9-bd61-42e8-b9f1-5fbf83dcd786", "value": "KeRanger" }, @@ -2156,6 +2790,78 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "f108215f-3487-489d-be8b-80e346d32518", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "75c79f95-4c84-4650-9158-510f0ce4831d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "8ae43c46-57ef-47d5-a77a-eebb35628db2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "bef4c620-0787-42a8-a96d-b7eb6e85917c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "43cd8a09-9c80-48c8-9568-1992433af60a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "1de47f51-1f20-403b-a2e1-5eaabe275faa", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "3948ce95-468e-4ce1-82b1-57439c6d6afd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "60c18d06-7b91-4742-bae3-647845cd9d81", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "6bd20349-1231-4aaa-ba2a-f4b09d3b344c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "df36267b-7267-4c23-a7a1-cf94ef1b3729", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d26b5518-8d7f-41a6-b539-231e4962853e", "value": "Komplex" }, @@ -2197,6 +2903,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "14f08f6f-7f58-48a8-8469-472244ffb571", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "910d3c78-1a9e-4600-a3ea-4aa5563f0f13", "value": "MacDownloader" }, @@ -2224,6 +2939,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "7574c7f1-5075-4230-aca9-d6c0956f1fac", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "66862f1a-5823-4a9a-bd80-439aaafc1d8b", "value": "MacRansom" }, @@ -2237,6 +2961,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "b7cea5fe-d3fe-47cf-ba82-104c90e130ff", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "c9915d41-d1fb-45bc-997e-5cd9c573d8e7", "value": "MacSpy" }, @@ -2290,6 +3023,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "4e2f0af2-6d2d-4a49-adc9-fae3745fcb72", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "aa1bf4e5-9c44-42a2-84e5-7526e4349405", "value": "Mughthesec" }, @@ -2335,6 +3077,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "e211ea8d-5042-48ae-86c6-15186d1f8dba", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "091c9923-5939-4bde-9db5-56abfb51f1a2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "bad1057c-4f92-4747-a0ec-31bcc062dab8", "value": "Patcher" }, @@ -2385,6 +3143,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "29e52693-b325-4c14-93de-8f2ff9dca8bf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "70059ec2-9315-4af7-b65b-2ec35676a7bb", "value": "Pwnet" }, @@ -2403,6 +3170,29 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "22ef1e56-7778-41d1-9b2b-737aa5bf9777", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "87b69cb4-8b65-47ee-91b0-9b1decdd5c5c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "e159c4f8-3c22-49f9-a60a-16588a9c22b0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "80acc956-d418-42e3-bddf-078695a01289", "value": "Dok" }, @@ -2430,6 +3220,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "80a014ba-3fef-4768-990b-37d8bd10d7f4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "22332d52-c0c2-443c-9ffb-f08c0d23722c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d674ffd2-1f27-403b-8fe9-b4af6e303e5c", "value": "Uroburos" }, @@ -2444,6 +3250,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d3afa961-a80c-4043-9509-282cdf69ab21", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "9b3a4cff-1c5a-4fd6-b49c-27240b6d622c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "7f8166e2-c7f4-4b48-a07b-681b61a8f2c1", "value": "Winnti" }, @@ -2458,6 +3280,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "326eaf7b-5784-4f08-8fc2-61fd5d5bc5fb", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "bc32df24-8e80-44bc-80b0-6a4d55661aa5", "value": "WireLurker" }, @@ -2487,6 +3318,36 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "ccd61dfc-b03f-4689-8c18-7c97eab08472", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "56660521-6db4-4e5a-a927-464f22954b7c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "0a32ceea-fa66-47ab-8bde-150dbd6d2e40", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "3e2c99f9-66cd-48be-86e9-d7c1c164d87c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "0a7d9d22-a26d-4a2b-ab9b-b296176c3ecf", "value": "X-Agent" }, @@ -2583,6 +3444,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "5e595477-2e78-4ce7-ae42-e0b059b17808", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "6e45f758-7bd9-44b8-a21c-7309614ae176", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "4df1b257-c242-46b0-b120-591430066b6f", "value": "POSHSPY" }, @@ -2596,6 +3473,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "9fa93bb7-2997-4864-aa0e-0e667990dec8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "5c5beab9-614c-4c86-b369-086234ddb43c", "value": "PowerWare" }, @@ -2609,6 +3495,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "09b2cd76-c674-47cc-9f57-d2f2ad150a46", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "63f6df51-4de3-495a-864f-0a7e30c3b419", "value": "POWRUNER" }, @@ -2736,6 +3631,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "664701d6-7948-4e80-a333-1d1938103ba1", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ac2608e9-7851-409f-b842-e265b877a53c", "value": "7ev3n" }, @@ -2760,6 +3664,29 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "73a4793a-ce55-4159-b2a6-208ef29b326f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "70c31066-237a-11e8-8eff-37ef1ad0c703", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "2f899e3e-1a46-43ea-8e68-140603ce943d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "bab647d7-c9d6-4697-8fd2-1295c7429e1f", "value": "9002 RAT" }, @@ -2889,6 +3816,29 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "9223bf17-7e32-4833-9574-9ffd8c929765", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "da5880b4-f7da-4869-85f2-e0aba84b8565", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "da079741-05e6-458c-b434-011263dc691c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d9cc15f7-0880-4ae4-8df4-87c58338d6b8", "value": "Agent.BTZ" }, @@ -2908,6 +3858,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "f8cd62cb-b9d3-4352-8f46-0961cfde104c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b88e29cf-79d9-42bc-b369-0383b5e04380", "value": "Agent Tesla" }, @@ -3024,6 +3983,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "dd356ed3-42b8-4587-ae53-95f933517612", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "5060756f-8385-465d-a7dd-7bf09a54da92", "value": "Alphabet Ransomware" }, @@ -3037,6 +4005,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a27fff00-995a-4598-ba00-05921bf20e80", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "c1b9e8c5-9283-4dbe-af10-45956a446fb7", "value": "AlphaLocker" }, @@ -3083,6 +4060,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "61a17703-7837-4cc9-b022-b5ed6b30efc1", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ad4e6779-59a6-4ad6-98de-6bd871ddb271", "value": "Alureon" }, @@ -3131,6 +4117,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "b9f00c61-6cd1-4112-a632-c8d3837a7ddd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "07f46d21-a5d4-4359-8873-18e30950df1a", "value": "Andromeda" }, @@ -3184,6 +4179,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "e38b8876-5780-4574-9adf-304e9d659bdb", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "d5d3f9de-21b5-482e-b716-5f2f13182990", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e87d9df4-b464-4458-ae1f-31cea40d5f96", "value": "Apocalypse" }, @@ -3240,6 +4251,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "cd6527d1-17a7-4825-8b4b-56e113d0efb1", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "1a4f99cc-c078-41f8-9749-e1dc524fc795", "value": "ARS VBS Loader" }, @@ -3281,6 +4301,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "0d58f329-1356-468c-88ab-e21fbb64c02b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ba557993-f64e-4538-8f13-dafaa3c0db00", "value": "Asprox" }, @@ -3402,6 +4431,29 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "73a4793a-ce55-4159-b2a6-208ef29b326f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "70c31066-237a-11e8-8eff-37ef1ad0c703", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "bab647d7-c9d6-4697-8fd2-1295c7429e1f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "2f899e3e-1a46-43ea-8e68-140603ce943d", "value": "Aurora" }, @@ -3507,6 +4559,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "57b221bc-7ed6-4080-bc66-813d17009485", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "947dffa1-0184-48d4-998e-1899ad97e93e", "value": "Babar" }, @@ -3604,6 +4665,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d530ea76-9bbc-4276-a2e3-df04e0e5a14c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f09af1cc-cf9d-499a-9026-e783a3897508", "value": "Bagle" }, @@ -3664,6 +4734,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "f68555ff-6fbd-4f5a-bc23-34996f629c52", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "137cde28-5c53-489b-ad0b-d0fa2e342324", "value": "Banjori" }, @@ -3678,6 +4757,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d9431c02-5391-11e8-931f-4beceb8bd697", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "bc67677c-c0e7-4fb1-8619-7f43fa3ff886", "value": "Bankshot" }, @@ -3690,6 +4778,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "3cf2c880-e0b5-4311-9c4e-6293f2a566e7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "1dfd3ba6-7f82-407f-958d-c4a2ac055123", "value": "Bart" }, @@ -3728,6 +4825,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "64d76fa5-cf8f-469c-b78c-1a4f7c5bad80", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "cad1d6db-3a6c-4d67-8f6e-627d8a168d6a", "value": "BBSRAT" }, @@ -3740,6 +4846,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "066f8ad3-0c99-43eb-990c-8fae2c232f62", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "af338ac2-8103-4419-8393-fb4f3b43af4b", "value": "Bedep" }, @@ -3787,6 +4902,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "3d7c771b-b175-41c9-8ba1-904ef29715fa", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "837c5618-69dc-4817-8672-b3d7ae644f5c", "value": "BetaBot" }, @@ -3872,6 +4996,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "54cc1d4f-5c53-4f0e-9ef5-11b4998e82e4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "5a22cad7-65fa-4b7a-a7aa-7915a6101efa", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "82c644ab-550a-4a83-9b35-d545f4719069", "value": "BlackEnergy" }, @@ -3985,6 +5125,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "41f45758-0376-42a8-bc07-8f2ffbee3ad2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f9d0e934-879c-4668-b959-6bf7bdc96f5d", "value": "Bozok" }, @@ -4000,6 +5149,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "4c057ade-6989-11e8-9efd-ab33ed427468", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d97ae60e-612a-4feb-908a-8c4d32e9d763", "value": "Brambul" }, @@ -4067,6 +5225,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "67fc172a-36fa-4a35-88eb-4ba730ed52a6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "25cd01bc-1346-4415-8f8d-d3656309ef6b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "35e00ff0-704e-4e61-b9bb-9ed20a4a008f", "value": "BS2005" }, @@ -4092,6 +5266,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "66781866-f064-467d-925d-5e5f290352f0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "7ca93488-c357-44c3-b246-3f88391aca5a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "16794655-c0e2-4510-9169-f862df104045", "value": "Bugat" }, @@ -4171,6 +5361,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "27a7fd9b-ec9a-4f4a-b3f5-a3b81c71970a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "69a3e0ed-1727-4a9c-ae21-1e32322ede93", "value": "Buzus" }, @@ -4236,6 +5435,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "2fafe8b2-b0db-11e8-a81e-4b62ee50bd87", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ecac83ab-cd64-4def-979a-40aeeca0400b", "value": "CamuBot" }, @@ -4266,6 +5474,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "72f54d66-675d-4587-9bd3-4ed09f9522e4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "8c246ec4-eaa5-42c0-b137-29f28cbb6832", "value": "Carbanak" }, @@ -4291,6 +5508,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "1d9fbf33-faea-40c1-b543-c7b39561f0ff", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "3d3da4c0-004c-400c-9da6-f83fd35d907e", "value": "Cardinal RAT" }, @@ -4304,6 +5530,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "63b3e6fb-9bb8-43dc-9cbf-7681b049b5d6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "3198501e-0ff0-43b7-96f0-321b463ab656", "value": "Casper" }, @@ -4374,6 +5609,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "190edf95-9cd9-4e4a-a228-b716d52a751b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "79a7203a-6ea5-4c39-abd4-faa20cf8821a", "value": "Cerber" }, @@ -4405,6 +5649,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "dc5d1a33-62aa-4a0c-aa8c-589b87beb11e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "d71604d2-a17e-4b4e-82be-19cb54f93161", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6eee9bf9-ffce-4c88-a5ad-9d80f6fc727c", "value": "ChChes" }, @@ -4477,6 +5737,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "6deb9f26-969b-45aa-9222-c23663fd6ef8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "9441a589-e23d-402d-9603-5e55e3e33971", "value": "Chthonic" }, @@ -4493,6 +5762,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "9eb89081-3245-423a-995f-c1d78ce39619", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "7f550cae-98b7-4a0c-bed2-d79227dc6310", "value": "Citadel" }, @@ -4506,6 +5784,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d840e5af-3e6b-49af-ab82-fb4f8740bf55", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "c2bd0771-55d6-4242-986d-4bfd735998ba", "value": "Client Maximus" }, @@ -4566,6 +5853,29 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "ca44dd5e-fd9e-48b5-99cb-0b2629b9265f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "3da22160-12d9-4d27-a99f-338e8de3844a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "aafea02e-ece5-4bb2-91a6-3bf8c7f38a39", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "1a1d3ea4-972e-4c48-8d85-08d9db8f1550", "value": "Cobalt Strike" }, @@ -4580,6 +5890,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "8c49da10-2b59-42c4-81e6-75556decdecb", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "aa553bbd-f6e4-4774-9ec5-4607aa2004b8", "value": "Cobian RAT" }, @@ -4787,6 +6106,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "ab49815e-8ba6-41ec-9f51-8a9587334069", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "5f638985-49e1-4059-b2eb-f2ffa397b212", "value": "Conficker" }, @@ -4842,6 +6170,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "8a3d46db-d3b4-4f89-99e2-d1f0de3f484c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "495377c4-1be5-4c65-ba66-94c221061415", "value": "Corebot" }, @@ -4927,6 +6264,29 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "8d8efbc6-d1b7-4ec8-bab3-591edba337d0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "326af1cd-78e7-45b7-a326-125d2f7ef8f2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "858edfb8-793a-430b-8acc-4310e7d2f0d3", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a61fc694-a88a-484d-a648-db35b49932fd", "value": "Crimson" }, @@ -4942,6 +6302,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "c359c74e-4155-4e66-a344-b56947f75119", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "c17f6e4b-70c5-42f8-a91b-19d73485bd04", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "4b2ab902-811e-4b50-8510-43454d77d027", "value": "Crisis" }, @@ -4959,6 +6335,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "3c51fc0e-42d8-4ff0-b1bd-5c8c20271a39", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "4f3e494e-0e37-4894-94b2-741a8100f07a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "32fa6c53-b4fc-47f8-894c-1ea74180e02f", "value": "Cryakl" }, @@ -4971,6 +6363,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "8ff729d9-aee5-4b85-a59d-3f57e105be40", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "629f6986-2c1f-4d0a-b805-e4ef3e2ce634", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "980ea9fa-d29d-4a44-bb87-0c050f8ddeaf", "value": "CryLocker" }, @@ -5012,6 +6420,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "b35b1ca2-f99c-4495-97a5-b8f30225cb90", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "c5a783da-9ff3-4427-84c5-428480b21cc7", "value": "CryptoLocker" }, @@ -5041,6 +6458,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "c76110ea-15f1-4adf-a28d-c707374dbb3a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "55d5742e-20f5-4c9a-887a-4dbd5b37d921", "value": "CryptoMix" }, @@ -5106,6 +6532,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "4bb11db7-17a0-4536-b817-419ae6299004", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "bc0c1e48-102c-4e6b-9b86-c442c4798159", "value": "CryptoWire" }, @@ -5121,6 +6556,29 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "26c8b446-305c-4057-83bc-85b09630281e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "b817ce63-f1c3-49de-bd8b-fd56c3f956c9", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "7f6cd579-b021-4896-80da-fcc07c35c8b2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ae4aa1ef-4da0-4952-9583-9d47f84edad9", "value": "CryptoFortress" }, @@ -5134,6 +6592,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "de53f392-8794-43d1-a38b-c0b90c20a3fb", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "2f65f056-6cba-4a5b-9aaf-daf31eb76fc2", "value": "CryptoRansomeware" }, @@ -5216,6 +6683,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "35e25aad-7c39-4a1d-aa17-73fa638362e8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "9e8655fc-5bba-4efd-b3c0-db89ee2e0e0b", "value": "Cutwail" }, @@ -5231,6 +6707,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "c3cf4e88-704b-4d7c-8185-ee780804f3d3", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "062d8577-d6e6-4c97-bcac-eb6eb1a50a8d", "value": "CyberGate" }, @@ -5243,6 +6728,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "587589df-ee42-43f4-9480-c65d6e1d7e0f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "8bde6075-8c5b-4ff1-be9a-4e2b1d3419aa", "value": "CyberSplitter" }, @@ -5286,6 +6780,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "844417c6-a404-4c4e-8e93-84db596d725b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "4f7decd4-054b-4dd7-89cc-9bdb248f7c8a", "value": "DanaBot" }, @@ -5305,6 +6808,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "8a21ae06-d257-48a0-989b-1c9aebedabc2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "9ad11139-e928-45cf-a0b4-937290642e92", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "5086a6e0-53b2-4d96-9eb3-a0237da2e591", "value": "DarkComet" }, @@ -5336,6 +6855,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "310f437b-29e7-4844-848c-7220868d074a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "81ca4876-b4a4-43e9-b8a9-8a88709dd3d2", "value": "Darkmoon" }, @@ -5435,6 +6963,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "b6b3dfc7-9a81-43ff-ac04-698bad48973a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "70f6c71f-bc0c-4889-86e3-ef04e5b8415b", "value": "Daserf" }, @@ -5463,6 +7000,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "57dd0828-79d7-11e8-a7d8-57db14e1ef24", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "cae8384d-b01b-4f9c-a31b-f693e12ea6b2", "value": "DDKONG" }, @@ -5544,6 +7090,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "94379dec-5c87-49db-b36e-66abc0b81344", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "eff68b97-f36e-4827-ab1a-90523c16774c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "7ea00126-add3-407e-b69d-d4aa1b3049d5", "value": "Derusbi" }, @@ -5642,6 +7204,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "9fed4326-a7ad-4c58-ab87-90ac3957d82f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "8f5ce8a6-c5fe-4c62-b25b-6ce0f3b724c5", "value": "Dimnie" }, @@ -5656,6 +7227,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "cdcc59a0-955e-412d-b481-8dff4bce6fdf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "61b2dd12-2381-429d-bb64-e3210804a462", "value": "DirCrypt" }, @@ -5704,6 +7284,29 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "ee8ccb36-2596-43a3-a044-b8721dbeb2ab", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "4f6aa78c-c3d4-4883-9840-96ca2f5d6d47", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "17e919aa-4a49-445c-b103-dbb8df9e7351", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b376580e-aba1-4ac9-9c2d-2df429efecf6", "value": "DNSMessenger" }, @@ -5779,6 +7382,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "08d20cd2-f084-45ee-8558-fa6ef5a18519", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "837a295c-15ff-41c0-9b7e-5f2fb502b00a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e6a077cb-42cc-4193-9006-9ceda8c0dff2", "value": "Downdelph" }, @@ -5805,6 +7424,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "e48df773-7c95-4a4c-ba70-ea3d15900148", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "227862fd-ae83-4e3d-bb69-cc1a45a13aed", "value": "DownPaper" }, @@ -5852,6 +7480,36 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "276c2c2e-09da-44cf-a3f7-806b3feb41da", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "66781866-f064-467d-925d-5e5f290352f0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "44754726-e1d5-4e5f-a113-234c4a8ca65e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "7ca93488-c357-44c3-b246-3f88391aca5a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b4216929-1626-4444-bdd7-bfd4b68a766e", "value": "Dridex" }, @@ -5892,6 +7550,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "507fe748-5e4a-4b45-9e9f-8b1115f4e878", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "8269e779-db23-4c94-aafb-36ee94879417", "value": "DualToy" }, @@ -5976,6 +7643,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "63c2a130-8a5b-452f-ad96-07cf0af12ffe", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "15e969e6-f031-4441-a49b-f401332e4b00", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "1ecbcd20-f238-47ef-874b-08ef93266395", "value": "Dyre" }, @@ -5989,6 +7672,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "254f4f67-d850-4dc5-8ddb-2e955ddea287", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "b96be762-56a0-4407-be04-fcba76c1ff29", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "24fe5fef-6325-4c21-9c35-a0ecd185e254", "value": "EDA2" }, @@ -6015,6 +7714,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "c0ea7b89-d246-4eb7-8de4-b4e17e135051", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "eb189fd3-ca39-4bc7-be2d-4ea9e89d9ab9", "value": "Elirks" }, @@ -6031,6 +7739,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "7551188b-8f91-4d34-8350-0d0c57b2b913", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "d70fd29d-590e-4ed5-b72f-6ce0142019c6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "3477a25d-e04b-475e-8330-39f66c10cc01", "value": "Elise" }, @@ -6047,6 +7771,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a8395aae-1496-417d-98ee-3ecbcd9a94a0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6bf7aa6a-3003-4222-805e-776cb86dc78a", "value": "Emdivi" }, @@ -6077,6 +7810,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "251fbae2-78f6-4de7-84f6-194c727a64ad", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "2a4cacb7-80a1-417e-8b9c-54b4089f35d9", "value": "Enfal" }, @@ -6093,6 +7835,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "3e0c2d35-87cb-40f9-b341-a6c8dbec697e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "c4490972-3403-4043-9d61-899c0a440940", "value": "EquationDrug" }, @@ -6127,6 +7878,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "ee73e375-3ac2-4ce0-b24b-74fd82d52864", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "479353aa-c6d7-47a7-b5f0-3f97fd904864", "value": "Erebus" }, @@ -6196,6 +7956,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "e8af6388-6575-4812-94a8-9df1567294c5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "00c31914-bc0e-11e8-8241-3ff3b5e4671d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6f736038-4f74-435b-8904-6870ee0e23ba", "value": "EternalPetya" }, @@ -6242,6 +8018,29 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "2f1a9fd0-3b7c-4d77-a358-78db13adbe78", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "c9b4ec27-0a43-4671-a967-bcac5df0e056", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "c542f369-f06d-4168-8c84-fdf5fc7f2a8d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "438c6d0f-03f0-4b49-89d2-40bf5349c3fc", "value": "EvilGrab" }, @@ -6395,6 +8194,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "1e25d254-3f03-4752-b8d6-023a23e7d4ae", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6d441619-c5f5-45ff-bc63-24cecd0b237e", "value": "Fanny" }, @@ -6436,6 +8244,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "196f1f32-e0c2-4d46-99cd-234d4b6befe1", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "07a41ea7-17b2-4852-bfd7-54211c477dc0", "value": "Felismus" }, @@ -6469,6 +8286,43 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "276c2c2e-09da-44cf-a3f7-806b3feb41da", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "b4216929-1626-4444-bdd7-bfd4b68a766e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "44754726-e1d5-4e5f-a113-234c4a8ca65e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "7ca93488-c357-44c3-b246-3f88391aca5a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "16794655-c0e2-4510-9169-f862df104045", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "66781866-f064-467d-925d-5e5f290352f0", "value": "Feodo" }, @@ -6532,6 +8386,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "a5528622-3a8a-4633-86ce-8cdaf8423858", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "541b64bc-87ec-4cc2-aaee-329355987853", "value": "FinFisher RAT" }, @@ -6545,6 +8408,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "968df869-7f60-4420-989f-23dfdbd58668", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "9ad28356-184c-4f02-89f5-1b70981598c3", "value": "Fireball" }, @@ -6558,6 +8430,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "721ba430-fd28-454c-8512-24339ef2235f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "c4346ed0-1d74-4476-a78c-299bce0409bd", "value": "FireCrypt" }, @@ -6571,6 +8452,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "6ef11b6e-d81a-465b-9dce-fab5c6fe807b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "9715c6bc-4b1e-49a2-b1d8-db4f4c4f042c", "value": "FireMalv" }, @@ -6600,6 +8490,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "3c1003a2-8364-467a-b9b8-fcc19724a9b5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "18419355-fd28-41a6-bffe-2df68a7166c4", "value": "FlawedAmmyy" }, @@ -6676,6 +8575,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "da124511-463c-4514-ad05-7ec8db1b38aa", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "bb836040-c161-4932-8f89-bc2ca2e8c1c0", "value": "Fobber" }, @@ -6893,6 +8801,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "76abb3ef-dafd-4762-97cb-a35379429db4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "0a3047b3-6a38-48ff-8f9c-49a5c28e3ada", "value": "Gazer" }, @@ -6951,6 +8868,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "3f7616bd-f1de-46ee-87c2-43c0c2edaa28", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "8e002f78-7fb8-4e70-afd7-0b4ac655be26", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d29eb927-d53d-4af2-b6ce-17b3a1b34fe7", "value": "Geodo" }, @@ -7031,6 +8964,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "a68f1b43-c742-4f90-974d-2e74ec703e44", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6201c337-1599-4ced-be9e-651a624c20be", "value": "GhostAdmin" }, @@ -7054,6 +8996,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "255a59a7-db2d-44fc-9ca9-5859b65817c3", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "225fa6cf-dc9c-4b86-873b-cdf1d9dd3738", "value": "Ghost RAT" }, @@ -7100,6 +9051,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "e03873ef-9e3d-4d07-85d8-e22a55f60c19", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "73806c57-cef8-4f7b-a78b-7949ef83b2c2", "value": "GlobeImposter" }, @@ -7283,6 +9243,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "07ffcf9f-b9c0-4b22-af4b-78527427e6f5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "329efac7-922e-4d8b-90a9-4a87c3281753", "value": "GootKit" }, @@ -7296,6 +9265,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "b6ddc2c6-5890-4c60-9b10-4274d1a9cc22", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "9fbb5822-1660-4651-9f57-b6f83a881786", "value": "GovRAT" }, @@ -7319,6 +9297,29 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "75b01a1e-3269-4f4c-bdba-37af4e9c3f54", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "4f3ad937-bf2f-40cb-9695-a2bedfd41bfa", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "b9448d2a-a23c-4bf2-92a1-d860716ba2f3", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "75329c9e-a218-4299-87b2-8f667cd9e40c", "value": "Gozi" }, @@ -7336,6 +9337,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "7914f9c9-3257-464c-b918-3754c4d018af", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "127c3d76-6323-4363-93e0-cd06ade0dd52", "value": "GPCode" }, @@ -7362,6 +9372,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "f3ac3d86-0fa2-4049-bfbc-1970004b8d32", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "94b942e2-cc29-447b-97e2-e496cbf2aadf", "value": "Graftor" }, @@ -7448,6 +9467,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "b07c2c47-fefb-4d7c-a69e-6a3296171f54", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "8410d208-7450-407d-b56c-e5c1ced19632", "value": "gsecdump" }, @@ -7523,6 +9551,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "ff0404a1-465f-4dd5-8b66-ee773628ca64", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "cd201689-4bf1-4c5b-ac4d-21c4dcc39e7d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "4166ab63-24b0-4448-92ea-21c8deef978d", "value": "Hancitor" }, @@ -7564,6 +9608,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "083bb47b-02c8-4423-81a2-f9ef58572974", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "d7183f66-59ec-4803-be20-237b442259fc", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "c04fc02e-f35a-44b6-a9b0-732bf2fc551a", "value": "Havex RAT" }, @@ -7584,6 +9644,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "42a97a5d-ee33-492a-b20f-758ecdbf1aed", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "31615066-dbff-4134-b467-d97a337b408b", "value": "HawkEye Keylogger" }, @@ -7612,6 +9681,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "eff1a885-6f90-42a1-901f-eef6e7a1905e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "19d89300-ff97-4281-ac42-76542e744092", "value": "Helminth" }, @@ -7639,6 +9717,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "6489895b-0213-4564-9cfc-777df58d84c9", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ca8482d9-657b-49fe-8345-6ed962a9735a", "value": "Herbst" }, @@ -7679,6 +9766,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "b7102922-8aad-4b29-8518-6d87c3ba45bb", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "4d8da0af-cfd7-4990-b211-af0e9906eca0", "value": "Hermes Ransomware" }, @@ -7718,6 +9814,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "254f4f67-d850-4dc5-8ddb-2e955ddea287", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "24fe5fef-6325-4c21-9c35-a0ecd185e254", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b96be762-56a0-4407-be04-fcba76c1ff29", "value": "HiddenTear" }, @@ -7822,6 +9934,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "7362581a-a7d1-4060-b225-e227f2df2b60", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e8d1a1f3-3170-4562-9a18-cadf000e48d0", "value": "htpRAT" }, @@ -7838,6 +9959,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "d5e96a35-7b0b-4c6a-9533-d63ecbda563e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "3fb18a77-91ef-4c68-a9a9-fa6bdbea38e8", "value": "HTran" }, @@ -7897,6 +10027,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "e5f7bb36-c982-4f5a-9b29-ab73d2c5f70e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "94466a80-964f-467e-b4b3-0e1375174464", "value": "Hworm" }, @@ -7930,6 +10069,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "9d67069c-b778-486f-8158-53f5dcd05d08", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "26f5afaf-0bd7-4741-91ab-917bdd837330", "value": "IcedID" }, @@ -7972,6 +10120,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "1d4a5704-c6fb-4bbb-92b2-88dc67f86339", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "44a1706e-f6dc-43ea-ac85-9a4f2407b9a3", "value": "Ice IX" }, @@ -8069,6 +10226,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "10f50ef8-6e3b-11e8-a648-d73fb4d2f48e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "22755fda-497e-4ef0-823e-5cb6d8701420", "value": "InvisiMole" }, @@ -8098,6 +10264,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "ffbbbc14-1cdb-4be9-a631-ed53c5407369", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "0f96a666-bf26-44e0-8ad6-f2136208c924", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a171321e-4968-4ac0-8497-3250c1f0d77d", "value": "ISFB" }, @@ -8164,6 +10346,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "b9707a57-d15f-4937-b022-52cc17f6783f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a3f41c96-a5c8-4dfe-b7fa-d9d75f97979a", "value": "IsSpace" }, @@ -8192,6 +10383,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "8e3d44d0-6768-4b54-88b0-2e004a7f2297", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "2c51a717-726b-4813-9fcc-1265694b128e", "value": "Jaff" }, @@ -8245,6 +10445,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "1e3384ae-4b48-4c96-b7c2-bc1cc1eda203", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "910c3fd2-56e5-4f1d-8df0-2aa0b293b7d9", "value": "Jigsaw" }, @@ -8258,6 +10467,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a954e642-4cf4-4293-a4b0-c82cf2db785d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "551b568f-68fa-4483-a10c-a6452ae6289e", "value": "Jimmy" }, @@ -8286,6 +10504,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "673d05fa-4066-442c-bdb6-0c0a2da5ae62", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "8201c8d2-1dab-4473-bbdf-42952b3d5fc6", "value": "Joao" }, @@ -8299,6 +10526,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "4d4528ff-6260-4b5d-b2ea-6e11ca02c396", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "97f12ca8-dc84-4a8c-b4c6-8ec1d1e79631", "value": "Jolob" }, @@ -8379,6 +10615,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a088c428-d0bb-49c8-9ed7-dcced0c74754", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "8a01c3be-17b7-4e5a-b0b2-6c1f5ccb82cf", "value": "Karius" }, @@ -8406,6 +10651,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a5399473-859b-4c64-999b-a3b4070cd513", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "bab92070-3589-4b7e-bf05-4f54bfefc2ca", "value": "Kazuar" }, @@ -8434,6 +10688,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "07b10419-e8b5-4b5f-a179-77fc9b127dc6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "7d69892e-d582-4545-8798-4a9a84a821ea", "value": "Kelihos" }, @@ -8452,6 +10715,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "74167065-90b3-4c29-807a-79b6f098e45b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "a673b4fb-a864-4a5b-94ab-3fc4f5606cc8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "28c13455-7f95-40a5-9568-1e8732503507", "value": "KeyBoy" }, @@ -8480,6 +10759,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "f7f53bb8-37ed-4bbe-9809-ca1594431536", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "0c213d7f-8c71-4341-aeb0-13be71fbf4e5", "value": "KEYMARBLE" }, @@ -8494,6 +10782,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "72b702d9-43c3-40b9-b004-8d0671225fb8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "361d3f09-8bc8-4b5a-803f-8686cf346047", "value": "KHRAT" }, @@ -8521,6 +10818,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "aef0fdd4-38b6-11e8-afdd-3b6145112467", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e81f3e3f-966c-4c99-8d4b-fc0a1d3bb027", "value": "KillDisk" }, @@ -8540,6 +10846,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "bc0be3a4-89d8-4c4c-b2aa-2dddbed1f71d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "07f6bbff-a09a-4580-96ea-62795a8dae11", "value": "KINS" }, @@ -8568,6 +10883,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "f9e0b922-253c-40fa-a6d2-e60ec9c6980b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "3b5faa15-e87e-4aaf-b791-2c5e593793e6", "value": "Koadic" }, @@ -8597,6 +10921,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "5b930a23-7d88-481f-8791-abc7b3dd93d2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "24ee55e3-697f-482f-8fa8-d05999df40cd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f982fa2d-f78f-4fe1-a86d-d10471a3ebcf", "value": "Konni" }, @@ -8628,6 +10968,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "23f6da78-873a-4ab0-9167-c8b0563627a5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "52d98d2f-db62-430d-8658-5cadaeff6cd7", "value": "Korlia" }, @@ -8712,6 +11061,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "5b42af8e-8fdc-11e8-bf48-f32ff64d5502", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "62a7c823-9af0-44ee-ac05-8765806d2a17", "value": "Kronos" }, @@ -8766,6 +11124,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d1e548b8-4793-11e8-8dea-6beff82cac0a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "2fc93875-eebb-41ff-a66e-84471c6cd5a3", "value": "Kwampirs" }, @@ -8842,6 +11209,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "7ccd3821-e825-4ff8-b4be-92c9732ce708", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "686a9217-3978-47c0-9989-dd2a3438ba72", "value": "Laziok" }, @@ -8888,6 +11264,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a73e150f-1431-4f72-994a-4000405eff07", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "342f5c56-861c-4a06-b5db-85c3c424f51f", "value": "Lethic" }, @@ -8947,6 +11332,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "8d51a22e-3485-4480-af96-8ed0305a7aa6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "24c9bb9f-1f9a-4e01-95d8-86c51733e11c", "value": "Locky" }, @@ -9055,6 +11449,29 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "a6f481fe-b6db-4507-bb3c-28f10d800e2f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "fbda9705-677b-4c5b-9b0b-13b52eff587c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "4793a29b-1191-4750-810e-9301a6576fc4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b8fa5036-813f-4887-b4d4-bb17b4a7eba0", "value": "Loki Password Stealer (PWS)" }, @@ -9260,6 +11677,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "95be4cd8-1d98-484f-a328-a5917a05e3c8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "df320366-7970-4af0-b1f4-9f9492dede53", "value": "Mamba" }, @@ -9276,6 +11702,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "dba2cf74-16a9-4ed8-8536-6542fda95999", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "54cd671e-b7e4-4dd3-9bfa-dc0ba5105944", "value": "ManameCrypt" }, @@ -9306,6 +11741,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "52caade6-ba7b-474e-b173-63f4332aa808", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "5b75db42-b8f2-4e52-81d3-f329e49e1af2", "value": "Manifestus" }, @@ -9358,6 +11802,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "aa3fc68c-413c-4bfb-b4cd-bca7094da985", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "59717468-271e-4d15-859a-130681c17ddb", "value": "Matrix Banker" }, @@ -9623,6 +12076,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "dcbf1aaa-1fdd-4bfc-a35e-145ffdfb5ac5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "fcdfd4af-da35-49a8-9610-19be8a487185", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "17e12216-a303-4a00-8283-d3fe92d0934c", "value": "Mirai" }, @@ -9636,6 +12105,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "0db09158-6e48-4e7c-8ce7-2b10b9c0c039", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d1597713-fe7a-45bd-8b59-1a13c7e097d8", "value": "Misdat" }, @@ -9676,6 +12154,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "74bd8c09-73d5-4ad8-ab1f-e94a4853c936", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6363cc2f-08f1-47a0-adbf-5cf19ea89ffd", "value": "MM Core" }, @@ -9789,6 +12276,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "89bd2020-2594-45c4-8957-522c0ac41370", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "c57a4168-cd09-4611-a665-bbcede80f42b", "value": "Monero Miner" }, @@ -9802,6 +12298,29 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "f266754c-d0aa-4918-95a3-73b28eaa66e3", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "9ea525fa-b0a9-4dde-84f2-bcea0137b3c1", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "76ec1827-68a1-488f-9899-2b788ea8db64", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "8465177f-16c8-47fc-a4c8-f4c0409fe460", "value": "MoonWind" }, @@ -9935,6 +12454,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "0b097926-2e1a-4134-8ab9-4c16d0cca0fc", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f7081626-130a-48d5-83a9-759b3ef198ec", "value": "Murofet" }, @@ -10054,6 +12582,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "03a91686-c607-49a8-a4e2-2054833c0013", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "00e1373c-fddf-4b06-9770-e980cc0ada6b", "value": "NanoLocker" }, @@ -10081,6 +12618,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "73cb7ecc-25e3-11e8-a97b-c35ec4e7dcf8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d8295eba-60ef-4900-8091-d694180de565", "value": "Nautilus" }, @@ -10094,6 +12640,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "6ea032a0-d54a-463b-b016-2b7b9b9a5b7e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ec0cad2c-0c13-491a-a869-1dc1758c8872", "value": "NavRAT" }, @@ -10117,6 +12672,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "97d34770-44cc-4ecb-bdce-ba11581c0e2a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "53ad08a6-cca9-401a-a6da-3c0bff2890eb", "value": "Necurs" }, @@ -10145,6 +12709,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "fde50aaa-f5de-4cb8-989a-babb57d6a704", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "0bc03bfa-1439-4162-bb33-ec9f8f952ee5", "value": "NetC" }, @@ -10160,6 +12733,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "53cf6cc4-65aa-445a-bcf8-c3d296f8a7a2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "3bb8052e-8ed2-48e3-a2cf-7358bae8c6b5", "value": "NETEAGLE" }, @@ -10204,6 +12786,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "cafd0bf8-2b9c-46c7-ae3c-3e0f42c5062e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "59b70721-6fed-4805-afa5-4ff2554bef81", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "3a26ee44-3224-48f3-aefb-3978c972d928", "value": "NetTraveler" }, @@ -10236,6 +12834,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "5c2eeaec-25e3-11e8-9d28-7f64aba5b173", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "101c2c0e-c082-4b5a-b820-2da789e839d9", "value": "Neuron" }, @@ -10259,6 +12866,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "26fed817-e7bf-41f9-829a-9075ffac45c2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "218ae39b-2f92-4355-91c6-50cce319d26d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "3760920e-4d1a-40d8-9e60-508079499076", "value": "Neutrino" }, @@ -10275,6 +12898,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "551b568f-68fa-4483-a10c-a6452ae6289e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a954e642-4cf4-4293-a4b0-c82cf2db785d", "value": "Neutrino POS" }, @@ -10332,6 +12964,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "c5e3766c-9527-47c3-94db-f10de2c56248", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ec50a75e-81f0-48b3-b1df-215eac646421", "value": "NewCT" }, @@ -10417,6 +13058,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "a860d257-4a39-47ec-9230-94cac67ebf7e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ff611c24-289e-4f2d-88d2-cfbf771a4e4b", "value": "NjRAT" }, @@ -10430,6 +13080,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "e7080bce-99b5-4615-a798-a192ed89bd5a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "94793dbc-3649-40a4-9ccc-1b32846ecb3a", "value": "Nocturnal Stealer" }, @@ -10489,6 +13148,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "d36f4834-b958-4f32-aff0-5263e0034408", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "9b5255c6-44e5-4ec3-bc03-7e00e220c937", "value": "Nymaim" }, @@ -10527,6 +13195,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "e2fa7aea-fb33-4efc-b61b-ccae71b32e7d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "045df65f-77fe-4880-af34-62ca33936c6e", "value": "Odinaff" }, @@ -10547,6 +13224,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "76d5c7a2-73c3-11e8-bd92-db4d715af093", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f3ba8a50-0105-4aa9-90b2-01df15f50b28", "value": "Olympic Destroyer" }, @@ -10587,6 +13273,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "b136d088-a829-432c-ac26-5529c26d4c7e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "abd10caa-7d4c-4c22-8dae-8d32f13232d7", "value": "OnionDuke" }, @@ -10702,6 +13397,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "1d46f816-d159-4457-b98e-c34307d90655", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "7fd96553-4c78-43de-824f-82645ed4fac5", "value": "Ordinypt" }, @@ -10758,6 +13462,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "57c5df76-e72f-41b9-be29-89395f83a77c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "c21335f5-b145-4029-b1bc-161362c7ce80", "value": "PadCrypt" }, @@ -10857,6 +13570,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "7c5a1e93-7ab2-4b08-ada9-e82c4feaed0a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "34c9dbaa-97ac-4e1e-9eca-b7c492d67efc", "value": "Petya" }, @@ -10993,6 +13715,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "58b24db2-79d7-11e8-9b1b-bbdbc798af4f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "66087a9c-b5ac-4d6d-b79e-c0294728c876", "value": "PLAINTEE" }, @@ -11026,6 +13757,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "a71ed71f-b8f4-416d-9c57-910a42e59430", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "d1482c9e-6af3-11e8-aa8e-279274bd10c7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "43a56ed7-8092-4b36-998c-349b02b3bd0d", "value": "PLEAD" }, @@ -11040,6 +13787,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "8fb00a59-0dec-4d7f-bd53-9826b3929f39", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "5c860744-bb12-4587-a852-ee060fd4dd64", "value": "Plexor" }, @@ -11098,6 +13854,29 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "663f8ef9-4c50-499a-b765-f377d23c1070", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "64fa0de0-6240-41f4-8638-f4ca7ed528fd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "f4b159ea-97e5-483b-854b-c48a78d562aa", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "036bd099-fe80-46c2-9c4c-e5c6df8dcdee", "value": "PlugX" }, @@ -11111,6 +13890,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "800bdfba-6d66-480f-9f45-15845c05cb5d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "fb4313ea-1fb6-4766-8b5c-b41fd347e4c5", "value": "pngdowner" }, @@ -11134,6 +13922,36 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "4e104fef-8a2c-4679-b497-6e86d7d47db0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "b42378e0-f147-496f-992a-26a49705395b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "2abe89de-46dd-4dae-ae22-b49a593aff54", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "e336aeba-b61a-44e0-a0df-cd52a5839db5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "7789fc1b-3cbc-4a1c-8ef0-8b06760f93e7", "value": "Poison Ivy" }, @@ -11147,6 +13965,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "b22cafb4-ccef-4935-82f4-631a6e539b8e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "5ee77368-5e09-4016-ae73-82b99e830832", "value": "Polyglot" }, @@ -11165,6 +13992,29 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "ff0404a1-465f-4dd5-8b66-ee773628ca64", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "4166ab63-24b0-4448-92ea-21c8deef978d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "652b5242-b790-4695-ad0e-b79bbf78f351", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "cd201689-4bf1-4c5b-ac4d-21c4dcc39e7d", "value": "Pony" }, @@ -11244,6 +14094,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "00c3bfcb-99bd-4767-8c03-b08f585f5c8a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "c79f5876-e3b9-417a-8eaf-8f1b01a0fecd", "value": "PowerDuke" }, @@ -11285,6 +14144,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "1f1be19e-d1b5-408b-90a0-03ad27cc8924", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "606f778a-8b99-4880-8da8-b923651d627b", "value": "PowerRatankba" }, @@ -11381,6 +14249,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "5f9f7648-04ba-4a9f-bb4c-2a13e74572bd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d5138738-846e-4466-830c-cd2bb6ad09cf", "value": "Pteranodon" }, @@ -11441,6 +14318,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "94d12a03-6ae8-4006-a98f-80c15e6f95c0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b39ffc73-db5f-4a8a-acd2-bee958d69155", "value": "Pushdo" }, @@ -11543,6 +14429,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a717c873-6670-447a-ba98-90db6464c07d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "080b2071-2d69-4b76-962e-3d0142074bcb", "value": "Qadars" }, @@ -11566,6 +14461,29 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "ac2ff27d-a7cb-46fe-ae32-cfe571dc614d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "b2ec1f16-2a76-4910-adc5-ecb3570e7c1a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "6e1168e6-7768-4fa2-951f-6d6934531633", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "2ccaccd0-8362-4224-8497-2012e7cc7549", "value": "QakBot" }, @@ -11612,6 +14530,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "2d1aadfb-03c1-4580-b6ac-f12c6941067d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e6005ce5-3e3d-4dfb-8de7-3da45e89e549", "value": "Quant Loader" }, @@ -11634,6 +14561,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "6efa425c-3731-44fd-9224-2a62df061a2d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "05252643-093b-4070-b62f-d5836683a9fa", "value": "Quasar RAT" }, @@ -11660,6 +14596,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "674c3bf6-2e16-427d-ab0f-b91676a460cd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "98bcb2b9-bc3a-4ffb-859a-94bd03c1cc3c", "value": "Radamant" }, @@ -11673,6 +14618,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "5a3df9d7-82de-445e-a218-406b970600d7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "271752e3-67ca-48bc-ade2-30eec11defca", "value": "RadRAT" }, @@ -11721,6 +14675,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "7e2288ec-e7d4-4833-9245-a2bc5ae40ee2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "8ed81090-f098-4878-b87e-2d801b170759", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "542161c0-47a4-4297-baca-5ed98386d228", "value": "Ramnit" }, @@ -11737,6 +14707,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "6720f960-0382-479b-a0f8-f9e008995af4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "5d9a27e7-3110-470a-ac0d-2bf00cac7846", "value": "Ranbyus" }, @@ -11750,6 +14729,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "383d7ebb-9b08-4874-b5d7-dc02b499c38f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "50c92b0b-cae3-41e7-b7d8-dffc2c88ac4b", "value": "Ranscam" }, @@ -11763,6 +14751,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "f0fcbac5-6216-4c3c-adcb-3aa06ab23340", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "5310903e-0704-4ca4-ab1b-52d243dddb06", "value": "Ransoc" }, @@ -11847,6 +14844,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "9752aef4-a1f3-4328-929f-b64eb0536090", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "80f87001-ff40-4e33-bd12-12ed1a92d1d7", "value": "RawPOS" }, @@ -11864,6 +14870,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "4b2ab902-811e-4b50-8510-43454d77d027", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "c17f6e4b-70c5-42f8-a91b-19d73485bd04", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "c359c74e-4155-4e66-a344-b56947f75119", "value": "RCS" }, @@ -11893,6 +14915,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d939e802-acb2-4881-bdaf-ece1eccf5699", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "9d58d94f-6885-4a38-b086-b9978ac62c1f", "value": "ReactorBot" }, @@ -11906,6 +14937,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "65341f30-bec6-4b1d-8abf-1a5620446c29", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "826c31ca-2617-47e4-b236-205da3881182", "value": "Reaver" }, @@ -11937,6 +14977,36 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "ad6a1b4a-6d79-40d4-adb7-1d7ca697347e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "17b40f60-729f-4fe8-8aea-cc9ee44a95d5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "90124cc8-1205-4e63-83ad-5c45a110b1e6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "3df08e23-1d0b-41ed-b735-c4eca46ce48e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a70e93a7-3578-47e1-9926-0818979ed866", "value": "RedLeaves" }, @@ -11950,6 +15020,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "f762860a-5e7a-43bf-bef4-06bd27e0b023", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "cd5f5165-7bd3-4430-b0bc-2c8fa518f618", "value": "Red Alert" }, @@ -11977,6 +15056,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "2c62f08a-9bd9-11e8-9e20-db9ec0d2b277", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "9ee0eb87-7648-4581-b301-7472a48946ad", "value": "reGeorg" }, @@ -11990,6 +15078,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "4c59cce8-cb48-4141-b9f1-f646edfaadb0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "0cf21558-1217-4d36-9536-2919cfd44825", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "4cbe9373-6b5e-42d0-9750-e0b7fc0d58bb", "value": "Regin" }, @@ -12010,6 +15114,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "f647cca0-7416-47e9-8342-94b84dd436cc", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "2894aee2-e0ec-417a-811e-74a68ab967b2", "value": "Remcos" }, @@ -12037,6 +15150,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "69d6f4a9-fcf0-4f51-bca7-597c51ad0bb8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6a3c3fbc-97ec-4938-b64e-2679e4b73db9", "value": "Remsec" }, @@ -12094,6 +15216,29 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "80acc956-d418-42e3-bddf-078695a01289", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "87b69cb4-8b65-47ee-91b0-9b1decdd5c5c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "e159c4f8-3c22-49f9-a60a-16588a9c22b0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "22ef1e56-7778-41d1-9b2b-737aa5bf9777", "value": "Retefe" }, @@ -12215,6 +15360,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "61184aea-e87b-467d-b36e-cfc75ccb242f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "38f57823-ccc2-424b-8140-8ba30325af9c", "value": "Rokku" }, @@ -12298,6 +15452,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "6b616fc1-1505-48e3-8b2c-0d19337bff38", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "53e94bc9-c8d2-4fb6-9c02-00841e454050", "value": "Rover" }, @@ -12323,6 +15486,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "a4036a28-3d94-11e8-ad9f-97ada3c6d5fb", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "8d984309-b7fa-4ccf-a6b7-da17283aae2f", "value": "Rovnix" }, @@ -12337,6 +15509,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "ac04d0b0-c6b5-4125-acd7-c58dfe7ad4cf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "92d87656-5e5b-410c-bdb6-bf028324dc72", "value": "RoyalCli" }, @@ -12377,6 +15558,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "92ec0cbd-2c30-44a2-b270-73f4ec949841", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e6952b4d-e96d-4641-a88f-60074776d553", "value": "RTM" }, @@ -12403,6 +15593,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d70bd6a8-5fd4-42e8-8e39-fb18daeccdb2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b88b50c0-3db9-4b8f-8564-4f56f991bee2", "value": "Ruckguv" }, @@ -12443,6 +15642,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "40bce827-4049-46e4-8323-3ab58f0f00bc", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "512e0b13-a52b-45ef-9230-7172f5e976d4", "value": "Rurktar" }, @@ -12463,6 +15671,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "9bca63cc-f0c7-4704-9c5f-b5bf473a9b43", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "76e98e04-0ab7-4000-80ee-7bcbcf9c110d", "value": "Rustock" }, @@ -12499,6 +15716,29 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "3eca2d5f-41bf-4ad4-847f-df18befcdc44", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "96b08451-b27a-4ff6-893f-790e26393a8e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "f6c137f0-979c-4ce2-a0e5-2a080a5a1746", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e88eb9b1-dc8b-4696-8dcf-0c29924d0f8b", "value": "Sakula RAT" }, @@ -12525,6 +15765,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "6fe5f49d-48b5-4dc2-92f7-8c94397b9c96", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "cf752563-ad8a-4286-b2b3-9acf24a0a09a", "value": "Sality" }, @@ -12542,6 +15791,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "731e4a5e-35f2-47b1-80ba-150b95fdc14d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "696d78cb-1716-4ca0-b678-c03c7cfec19a", "value": "SamSam" }, @@ -12588,6 +15846,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "61d8bba8-7b22-493f-b023-97ffe7f17caf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "5639f7db-ab70-4b86-8a2f-9c4e3927ba91", "value": "Satan Ransomware" }, @@ -12601,6 +15868,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "a127a59e-9e4c-4c2b-b833-cabd076c3016", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "09b555be-8bac-44b2-8741-922ee0b87880", "value": "Satana" }, @@ -12614,6 +15890,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "35849d8f-5bac-475b-82f8-7d555f37de12", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "bdc7cc9c-c46d-4f77-b903-2335cc1a3369", "value": "Sathurbot" }, @@ -12682,6 +15967,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "67e6d66b-1b82-4699-b47a-e2efb6268d14", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "1d07212e-6292-40a4-a5e9-30aef83b6207", "value": "SeaDaddy" }, @@ -12728,6 +16022,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "fb575479-14ef-41e9-bfab-0b7cf10bec73", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "6374fc53-9a0d-41ba-b9cf-2a9765d69fbb", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "21ab9e14-602a-4a76-a308-dbf5d6a91d75", "value": "Sedreco" }, @@ -12756,6 +16066,64 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "8ae43c46-57ef-47d5-a77a-eebb35628db2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "bef4c620-0787-42a8-a96d-b7eb6e85917c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "43cd8a09-9c80-48c8-9568-1992433af60a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "1de47f51-1f20-403b-a2e1-5eaabe275faa", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "3948ce95-468e-4ce1-82b1-57439c6d6afd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "60c18d06-7b91-4742-bae3-647845cd9d81", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "d26b5518-8d7f-41a6-b539-231e4962853e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "df36267b-7267-4c23-a7a1-cf94ef1b3729", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6bd20349-1231-4aaa-ba2a-f4b09d3b344c", "value": "Seduploader" }, @@ -12780,6 +16148,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "bd4bfbab-c21d-4971-b70c-b180bcf40630", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "0d4ca924-7e7e-4385-b14d-f504b4d206e5", "value": "Serpico" }, @@ -12797,6 +16174,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "2448a4e1-46e3-4c42-9fd1-f51f8ede58c1", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e089e945-a523-4d11-a135-396f9b6c1dc7", "value": "ShadowPad" }, @@ -12855,6 +16241,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "3784c74-691a-4110-94f6-66e60224aa92", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d31f1c73-d14b-41e2-bb16-81ee1d886e43", "value": "SHARPKNOT" }, @@ -12881,6 +16276,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "67d712c8-d254-4820-83fa-9a892b87923b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6e668c0c-7085-4951-87d4-0334b6a5cdb3", "value": "Shifu" }, @@ -12908,6 +16312,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "b9963d52-a391-4e9c-92e7-d2a147d5451f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "77c20bd9-5403-4f99-bae5-c54f3f38a6b6", "value": "Shujin" }, @@ -12998,6 +16411,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "304fd753-c917-4008-8f85-81390c37a070", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "0df52c23-690b-4703-83f7-5befc38ab376", "value": "Silence" }, @@ -13039,6 +16461,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "347e7a64-8ee2-487f-bcb3-ca7564fa836c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "467ee29c-317f-481a-a77c-69961eb88c4d", "value": "Simda" }, @@ -13061,6 +16492,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "415a3667-4ac4-4718-a6ea-617540a4abb1", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ad5bcaef-1a86-4cc7-8f2e-32306b995018", "value": "Sinowal" }, @@ -13075,6 +16515,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "b533439d-b060-4c90-80e0-9dce67b0c6fb", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "0fba78fc-47a1-45e1-b5df-71bcabd23b5d", "value": "Sisfader" }, @@ -13169,6 +16618,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "0c824410-58ff-49b2-9cf2-1c96b182bdf0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "81f41bae-2ba9-4cec-9613-776be71645ca", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ba91d713-c36e-4d98-9fb7-e16496a69eec", "value": "SmokeLoader" }, @@ -13185,6 +16650,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "f93acc85-8d2c-41e0-b0c5-47795b8c6194", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "26b91007-a8ae-4e32-bd99-292e44735c3d", "value": "Smominru" }, @@ -13231,6 +16705,29 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "75b01a1e-3269-4f4c-bdba-37af4e9c3f54", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "75329c9e-a218-4299-87b2-8f667cd9e40c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "b9448d2a-a23c-4bf2-92a1-d860716ba2f3", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "4f3ad937-bf2f-40cb-9695-a2bedfd41bfa", "value": "Snifula" }, @@ -13358,6 +16855,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "9ca488bd-9587-48ef-b923-1743523e63b2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "f5ac89a7-e129-43b7-bd68-e3cb1e5a3ba2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f4cac204-3d3f-4bb6-84bd-fc27b2f5158c", "value": "SOUNDBITE" }, @@ -13413,6 +16926,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "4db80a62-d318-48e7-b70b-759924ff515e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "39f609e3-e6fe-4c2c-af0e-b28bc81b2ecf", "value": "" }, @@ -13441,6 +16963,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "2fb26586-2b53-4b9a-ad4f-2b3bcb9a2421", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "009db412-762d-4256-8df9-eb213be01ffd", "value": "SslMM" }, @@ -13589,6 +17120,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "1b63293f-13f0-4c25-9bf6-6ebc023fc8ff", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6ad84f52-0025-4a9d-861a-65c870f47988", "value": "Stuxnet" }, @@ -13672,6 +17212,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "04585cd8-54ae-420f-9191-8ddb9b88a80c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a396a0bb-6dc5-424a-bdbd-f8ba808ca2c2", "value": "SynAck" }, @@ -13685,6 +17234,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "83d10b83-9038-4dd6-b305-f14c21478588", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e717a26d-17aa-4cd7-88de-dc75aa365232", "value": "SyncCrypt" }, @@ -13725,6 +17283,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "7f8730af-f683-423f-9ee1-5f6875a80481", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "2ae57534-6aac-4025-8d93-888dab112b45", "value": "Sys10" }, @@ -13887,6 +17454,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "0b32ec39-ba61-4864-9ebe-b4b0b73caf9a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "99d83ee8-6870-4af2-a3c8-cf86baff7cb3", "value": "TDTESS" }, @@ -13944,6 +17520,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "eead5605-0d79-4942-a6c2-efa6853cdf6b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b127028b-ecb1-434b-abea-e4df3ca458b9", "value": "Terminator RAT" }, @@ -13981,6 +17566,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "361d7a90-2fde-4fc7-91ed-fdce26eb790f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "24fabbe0-27a2-4c93-a6a6-c14767efaa25", "value": "Thanatos" }, @@ -14074,6 +17668,29 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "96b2b31e-b191-43c4-9929-48ba1cbee62c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "75f53ead-1aee-4f91-8cb9-b4170d747cfc", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "5594b171-32ec-4145-b712-e7701effffdd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "5eee35b6-bd21-4b67-b198-e9320fcf2c88", "value": "Tinba" }, @@ -14112,6 +17729,29 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "da21929e-40c0-443d-bdf4-6b60d15448b4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "4cfa42a3-71d9-43e2-bf23-daa79f326387", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "e683cd91-40b4-4e1c-be25-34a27610a22e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "5a78ec38-8b93-4dde-a99e-0c9b77674838", "value": "TinyNuke" }, @@ -14125,6 +17765,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "1b591586-e1ef-4a32-8dae-791aca5ddf41", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d2414f4a-1eda-4d80-84d3-ed130ca14e3c", "value": "TinyTyphon" }, @@ -14167,6 +17816,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "ca11e3f2-cda1-45dc-bed1-8708fa9e27a6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "53e617fc-d71e-437b-a1a1-68b815d1ff49", "value": "Tofsee" }, @@ -14181,6 +17839,29 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "26c8b446-305c-4057-83bc-85b09630281e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "b817ce63-f1c3-49de-bd8b-fd56c3f956c9", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "ae4aa1ef-4da0-4952-9583-9d47f84edad9", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "7f6cd579-b021-4896-80da-fcc07c35c8b2", "value": "TorrentLocker" }, @@ -14250,6 +17931,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "a7dbd72f-8d53-48c6-a9db-d16e7648b2d4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "07e3260b-d80c-4c86-bd28-8adc111bbec6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "c824813c-9c79-4917-829a-af72529e8329", "value": "TrickBot" }, @@ -14338,6 +18035,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "db1355a7-e5c9-4e2c-8da7-eccf2ae9bf5c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "fab34d66-5668-460a-bc0f-250b9417cdbf", "value": "TURNEDUP" }, @@ -14366,6 +18072,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "102c3898-85e0-43ee-ae28-62a0a3ed9507", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ccde5b0d-fe13-48e6-a6f4-4e434ce29371", "value": "UACMe" }, @@ -14429,6 +18144,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "39f609e3-e6fe-4c2c-af0e-b28bc81b2ecf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "4db80a62-d318-48e7-b70b-759924ff515e", "value": "" }, @@ -14837,6 +18561,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "99d9110d-85a4-4819-9f85-05e4b73aa5f3", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "925390a6-f88d-46dc-96ae-4ebc9f0b50b0", "value": "Upatre" }, @@ -14871,6 +18604,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "67a1a317-9f79-42bd-a4b2-fa1867d37d27", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ed9f995b-1b41-4b83-a978-d956670fdfbe", "value": "UrlZone" }, @@ -14885,6 +18627,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "80a014ba-3fef-4768-990b-37d8bd10d7f4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "22332d52-c0c2-443c-9ffb-f08c0d23722c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d674ffd2-1f27-403b-8fe9-b4af6e303e5c", "value": "Uroburos" }, @@ -14906,6 +18664,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "e95dd1ba-7485-4c02-bf2e-14beedbcf053", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "f3813bbd-682c-400d-8165-778be6d3f91f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b662c253-5c87-4ae6-a30e-541db0845f67", "value": "Vawtrak" }, @@ -14986,6 +18760,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "cc1432a1-6580-4338-b119-a43236528ea1", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "2e99f27c-6791-4695-b88b-de4d4cbda8d6", "value": "Virut" }, @@ -15005,6 +18788,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "09d1cad8-6b06-48d7-a968-5b17bbe9ca65", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "c32740a4-db2c-4d71-80bd-7377185f4a6f", "value": "VM Zeus" }, @@ -15035,6 +18827,36 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "e0bea149-2def-484f-b658-f782a4f94815", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "fece06b7-d4b1-42cf-b81a-5323c917546e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "495b6cdb-7b5a-4fbc-8d33-e7ef68806d08", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "0a52e73b-d7e9-45ae-9bda-46568f753931", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "bbfd4fb4-3e5a-43bf-b4bb-eaf5ef4fb25f", "value": "Volgmer" }, @@ -15108,6 +18930,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "d62ab8d5-4ba1-4c45-8a63-13fdb099b33c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ad67ff31-2a02-43f9-8b12-7df7e4fcccd6", "value": "WannaCryptor" }, @@ -15329,6 +19160,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "e0e79fab-0f1d-4fc2-b424-208cb019a9cd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d84ebd91-58f6-459f-96a1-d028a1719914", "value": "WellMess" }, @@ -15357,6 +19197,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "22addc7b-b39f-483d-979a-1b35147da5de", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6a100902-7204-4f20-b838-545ed86d4428", "value": "WinMM" }, @@ -15375,6 +19224,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "d3afa961-a80c-4043-9509-282cdf69ab21", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "9b3a4cff-1c5a-4fd6-b49c-27240b6d622c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "7f8166e2-c7f4-4b48-a07b-681b61a8f2c1", "value": "Winnti" }, @@ -15401,6 +19266,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "6b62e336-176f-417b-856a-8552dd8c44e1", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "36c0faf0-428e-4e7f-93c5-824bb0495ac9", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6b6cf608-cc2c-40d7-8500-afca3e35e7e4", "value": "Wipbot" }, @@ -15494,6 +19375,36 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "ccd61dfc-b03f-4689-8c18-7c97eab08472", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "56660521-6db4-4e5a-a927-464f22954b7c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "0a32ceea-fa66-47ab-8bde-150dbd6d2e40", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "3e2c99f9-66cd-48be-86e9-d7c1c164d87c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "0a7d9d22-a26d-4a2b-ab9b-b296176c3ecf", "value": "X-Agent" }, @@ -15601,6 +19512,22 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "7343e208-7cab-45f2-a47b-41ba5e2f0fab", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "6d180bd7-3c77-4faf-b98b-dc2ab5f49101", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "53089817-6d65-4802-a7d2-5ccc3d919b74", "value": "X-Tunnel" }, @@ -15632,6 +19559,29 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "74167065-90b3-4c29-807a-79b6f098e45b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "28c13455-7f95-40a5-9568-1e8732503507", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "2a16a1d4-a098-4f17-80f3-3cfc6c60b539", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a673b4fb-a864-4a5b-94ab-3fc4f5606cc8", "value": "Yahoyah" }, @@ -15767,6 +19717,22 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "4ab44516-ad75-4e43-a280-705dc0420e2f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "ff00fa92-b32e-46b6-88ca-98357ebe3f54", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "9b0aa458-dfa9-48af-87ea-c36d1501376c", "value": "ZeroT" }, @@ -15799,6 +19765,29 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "0ce448de-c2bb-4c6e-9ad7-c4030f02b4d7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "f0ec2df5-2e38-4df3-970d-525352006f2e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "e878d24d-f122-48c4-930c-f6b6d5f0ee28", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "4e8c1ab7-2841-4823-a5d1-39284fb0969a", "value": "Zeus" }, @@ -15826,6 +19815,15 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "8914802c-3aca-4a0d-874a-85ac7a1bc505", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "997c20b0-0992-498a-b69d-fc16ab2fd4e4", "value": "Zeus Sphinx" }, @@ -15895,6 +19893,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "2eb658ed-aff4-4253-a21f-9059b133ce17", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "13236f94-802b-4abc-aaa9-cb80cf4df9ed", "value": "Zloader" }, @@ -15927,6 +19934,15 @@ ], "type": [] }, + "related": [ + { + "dest-uuid": "5b9dc67e-bae4-44f3-b58d-6d842a744104", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "23920e3b-246a-4172-bf9b-5e9f90510a15", "value": "ZXShell" }, @@ -15940,9 +19956,25 @@ "synonyms": [], "type": [] }, + "related": [ + { + "dest-uuid": "390abe30-8b9e-439e-a6d3-2ee978f05fba", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "78ef77ac-a570-4fb9-af80-d04c09dff9ab", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "721e9af0-8a60-4b9e-9137-c23e86d75722", "value": "Zyklon" } ], - "version": 1649 -} + "version": 1650 +} \ No newline at end of file diff --git a/clusters/microsoft-activity-group.json b/clusters/microsoft-activity-group.json index 794be13..9a9d44c 100644 --- a/clusters/microsoft-activity-group.json +++ b/clusters/microsoft-activity-group.json @@ -224,9 +224,18 @@ "Transparent Tribe" ] }, + "related": [ + { + "dest-uuid": "acbb5cad-ffe7-4b0e-a57a-2dbc916e8905", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "2a410eea-a9da-11e8-b404-37b7060746c8", "value": "https://www.cfr.org/interactive/cyber-operations/mythic-leopard" } ], - "version": 5 -} + "version": 6 +} \ No newline at end of file diff --git a/clusters/mitre-enterprise-attack-malware.json b/clusters/mitre-enterprise-attack-malware.json index 42d6220..2798c43 100644 --- a/clusters/mitre-enterprise-attack-malware.json +++ b/clusters/mitre-enterprise-attack-malware.json @@ -156,6 +156,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "b376580e-aba1-4ac9-9c2d-2df429efecf6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "4f6aa78c-c3d4-4883-9840-96ca2f5d6d47", @@ -174,6 +181,15 @@ "NetC" ] }, + "related": [ + { + "dest-uuid": "0bc03bfa-1439-4162-bb33-ec9f8f952ee5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "fde50aaa-f5de-4cb8-989a-babb57d6a704", "value": "Net Crawler - S0056" }, @@ -197,6 +213,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "82c644ab-550a-4a83-9b35-d545f4719069", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "54cc1d4f-5c53-4f0e-9ef5-11b4998e82e4", @@ -261,6 +284,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "c04fc02e-f35a-44b6-a9b0-732bf2fc551a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "083bb47b-02c8-4423-81a2-f9ef58572974", @@ -328,6 +358,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "6eee9bf9-ffce-4c88-a5ad-9d80f6fc727c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "dc5d1a33-62aa-4a0c-aa8c-589b87beb11e", @@ -376,6 +413,20 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "bab647d7-c9d6-4697-8fd2-1295c7429e1f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "2f899e3e-1a46-43ea-8e68-140603ce943d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "73a4793a-ce55-4159-b2a6-208ef29b326f", @@ -416,6 +467,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "e6a077cb-42cc-4193-9006-9ceda8c0dff2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "08d20cd2-f084-45ee-8558-fa6ef5a18519", @@ -512,6 +570,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "ba91d713-c36e-4d98-9fb7-e16496a69eec", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "0c824410-58ff-49b2-9cf2-1c96b182bdf0", @@ -665,6 +730,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "9b0aa458-dfa9-48af-87ea-c36d1501376c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "4ab44516-ad75-4e43-a280-705dc0420e2f", @@ -738,6 +810,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "a70e93a7-3578-47e1-9926-0818979ed866", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "17b40f60-729f-4fe8-8aea-cc9ee44a95d5", @@ -755,6 +834,15 @@ "WinMM" ] }, + "related": [ + { + "dest-uuid": "6a100902-7204-4f20-b838-545ed86d4428", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "22addc7b-b39f-483d-979a-1b35147da5de", "value": "WinMM - S0059" }, @@ -785,6 +873,15 @@ "Sys10" ] }, + "related": [ + { + "dest-uuid": "2ae57534-6aac-4025-8d93-888dab112b45", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "7f8730af-f683-423f-9ee1-5f6875a80481", "value": "Sys10 - S0060" }, @@ -917,6 +1014,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "438c6d0f-03f0-4b49-89d2-40bf5349c3fc", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "2f1a9fd0-3b7c-4d77-a358-78db13adbe78", @@ -941,6 +1045,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "35e00ff0-704e-4e61-b9bb-9ed20a4a008f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "67fc172a-36fa-4a35-88eb-4ba730ed52a6", @@ -1002,6 +1113,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "036bd099-fe80-46c2-9c4c-e5c6df8dcdee", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "64fa0de0-6240-41f4-8638-f4ca7ed528fd", @@ -1019,6 +1137,15 @@ "Reaver" ] }, + "related": [ + { + "dest-uuid": "826c31ca-2617-47e4-b236-205da3881182", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "65341f30-bec6-4b1d-8abf-1a5620446c29", "value": "Reaver - S0172" }, @@ -1034,6 +1161,15 @@ "Misdat" ] }, + "related": [ + { + "dest-uuid": "d1597713-fe7a-45bd-8b59-1a13c7e097d8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "0db09158-6e48-4e7c-8ce7-2b10b9c0c039", "value": "Misdat - S0083" }, @@ -1057,6 +1193,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d26b5518-8d7f-41a6-b539-231e4962853e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "f108215f-3487-489d-be8b-80e346d32518", @@ -1112,6 +1255,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "8465177f-16c8-47fc-a4c8-f4c0409fe460", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "9ea525fa-b0a9-4dde-84f2-bcea0137b3c1", @@ -1144,6 +1294,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "a61fc694-a88a-484d-a648-db35b49932fd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "326af1cd-78e7-45b7-a326-125d2f7ef8f2", @@ -1161,6 +1318,15 @@ "Rover" ] }, + "related": [ + { + "dest-uuid": "53e94bc9-c8d2-4fb6-9c02-00841e454050", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6b616fc1-1505-48e3-8b2c-0d19337bff38", "value": "Rover - S0090" }, @@ -1191,6 +1357,15 @@ "PowerDuke" ] }, + "related": [ + { + "dest-uuid": "c79f5876-e3b9-417a-8eaf-8f1b01a0fecd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "00c3bfcb-99bd-4767-8c03-b08f585f5c8a", "value": "PowerDuke - S0139" }, @@ -1267,6 +1442,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "7789fc1b-3cbc-4a1c-8ef0-8b06760f93e7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "b42378e0-f147-496f-992a-26a49705395b", @@ -1309,6 +1491,15 @@ "Anunak" ] }, + "related": [ + { + "dest-uuid": "8c246ec4-eaa5-42c0-b137-29f28cbb6832", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "72f54d66-675d-4587-9bd3-4ed09f9522e4", "value": "Carbanak - S0030" }, @@ -1437,6 +1628,15 @@ "Nioupale" ] }, + "related": [ + { + "dest-uuid": "70f6c71f-bc0c-4889-86e3-ef04e5b8415b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b6b3dfc7-9a81-43ff-ac04-698bad48973a", "value": "Daserf - S0187" }, @@ -1560,6 +1760,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "53089817-6d65-4802-a7d2-5ccc3d919b74", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "7343e208-7cab-45f2-a47b-41ba5e2f0fab", @@ -1666,6 +1873,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "e88eb9b1-dc8b-4696-8dcf-0c29924d0f8b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "96b08451-b27a-4ff6-893f-790e26393a8e", @@ -1722,6 +1936,15 @@ "NETEAGLE" ] }, + "related": [ + { + "dest-uuid": "3bb8052e-8ed2-48e3-a2cf-7358bae8c6b5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "53cf6cc4-65aa-445a-bcf8-c3d296f8a7a2", "value": "NETEAGLE - S0034" }, @@ -1818,6 +2041,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "637000f7-4363-44e0-b795-9cfb7a3dc460", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "3d8e547d-9456-4f32-a895-dc86134e282f", @@ -1874,6 +2104,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "4cbe9373-6b5e-42d0-9750-e0b7fc0d58bb", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "4c59cce8-cb48-4141-b9f1-f646edfaadb0", @@ -1906,6 +2143,15 @@ "POWRUNER" ] }, + "related": [ + { + "dest-uuid": "63f6df51-4de3-495a-864f-0a7e30c3b419", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "09b2cd76-c674-47cc-9f57-d2f2ad150a46", "value": "POWRUNER - S0184" }, @@ -1938,6 +2184,15 @@ "Pteranodon" ] }, + "related": [ + { + "dest-uuid": "d5138738-846e-4466-830c-cd2bb6ad09cf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "5f9f7648-04ba-4a9f-bb4c-2a13e74572bd", "value": "Pteranodon - S0147" }, @@ -2037,6 +2292,15 @@ "AIRBREAK" ] }, + "related": [ + { + "dest-uuid": "fd419da6-5c0d-461e-96ee-64397efac63b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "06d735e7-1db1-4dbe-ab4b-acbe419f902b", "value": "Orz - S0229" }, @@ -2067,6 +2331,15 @@ "Kasidet" ] }, + "related": [ + { + "dest-uuid": "3760920e-4d1a-40d8-9e60-508079499076", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "26fed817-e7bf-41f9-829a-9075ffac45c2", "value": "Kasidet - S0088" }, @@ -2108,6 +2381,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "0a7d9d22-a26d-4a2b-ab9b-b296176c3ecf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "ccd61dfc-b03f-4689-8c18-7c97eab08472", @@ -2126,6 +2406,15 @@ "Darkmoon" ] }, + "related": [ + { + "dest-uuid": "81ca4876-b4a4-43e9-b8a9-8a88709dd3d2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "310f437b-29e7-4844-848c-7220868d074a", "value": "Darkmoon - S0209" }, @@ -2156,6 +2445,15 @@ "BBSRAT" ] }, + "related": [ + { + "dest-uuid": "cad1d6db-3a6c-4d67-8f6e-627d8a168d6a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "64d76fa5-cf8f-469c-b78c-1a4f7c5bad80", "value": "BBSRAT - S0127" }, @@ -2180,6 +2478,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "3477a25d-e04b-475e-8330-39f66c10cc01", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "7551188b-8f91-4d34-8350-0d0c57b2b913", @@ -2252,6 +2557,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d674ffd2-1f27-403b-8fe9-b4af6e303e5c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "80a014ba-3fef-4768-990b-37d8bd10d7f4", @@ -2285,6 +2597,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "b376580e-aba1-4ac9-9c2d-2df429efecf6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "17e919aa-4a49-445c-b103-dbb8df9e7351", @@ -2422,6 +2741,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "bbfd4fb4-3e5a-43bf-b4bb-eaf5ef4fb25f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "fece06b7-d4b1-42cf-b81a-5323c917546e", @@ -2462,6 +2788,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "bbfd4fb4-3e5a-43bf-b4bb-eaf5ef4fb25f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "495b6cdb-7b5a-4fbc-8d33-e7ef68806d08", @@ -2479,6 +2812,15 @@ "TDTESS" ] }, + "related": [ + { + "dest-uuid": "99d83ee8-6870-4af2-a3c8-cf86baff7cb3", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "0b32ec39-ba61-4864-9ebe-b4b0b73caf9a", "value": "TDTESS - S0164" }, @@ -2519,6 +2861,15 @@ "TURNEDUP" ] }, + "related": [ + { + "dest-uuid": "fab34d66-5668-460a-bc0f-250b9417cdbf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "db1355a7-e5c9-4e2c-8da7-eccf2ae9bf5c", "value": "TURNEDUP - S0199" }, @@ -2644,6 +2995,15 @@ "Helminth" ] }, + "related": [ + { + "dest-uuid": "19d89300-ff97-4281-ac42-76542e744092", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "eff1a885-6f90-42a1-901f-eef6e7a1905e", "value": "Helminth - S0170" }, @@ -2702,6 +3062,20 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d26b5518-8d7f-41a6-b539-231e4962853e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "6bd20349-1231-4aaa-ba2a-f4b09d3b344c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "60c18d06-7b91-4742-bae3-647845cd9d81", @@ -2726,6 +3100,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "f4cac204-3d3f-4bb6-84bd-fc27b2f5158c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "9ca488bd-9587-48ef-b923-1743523e63b2", @@ -2745,6 +3126,15 @@ "ProjectSauron" ] }, + "related": [ + { + "dest-uuid": "6a3c3fbc-97ec-4938-b64e-2679e4b73db9", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "69d6f4a9-fcf0-4f51-bca7-597c51ad0bb8", "value": "Remsec - S0125" }, @@ -2815,6 +3205,15 @@ "WhiteBear" ] }, + "related": [ + { + "dest-uuid": "0a3047b3-6a38-48ff-8f9c-49a5c28e3ada", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "76abb3ef-dafd-4762-97cb-a35379429db4", "value": "Gazer - S0168" }, @@ -2832,6 +3231,15 @@ "SeaDesk" ] }, + "related": [ + { + "dest-uuid": "1d07212e-6292-40a4-a5e9-30aef83b6207", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "67e6d66b-1b82-4699-b47a-e2efb6268d14", "value": "SeaDuke - S0053" }, @@ -2890,6 +3298,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "21ab9e14-602a-4a76-a308-dbf5d6a91d75", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "fb575479-14ef-41e9-bfab-0b7cf10bec73", @@ -2974,6 +3389,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "3a26ee44-3224-48f3-aefb-3978c972d928", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "cafd0bf8-2b9c-46c7-ae3c-3e0f42c5062e", @@ -3013,6 +3435,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "1ecbcd20-f238-47ef-874b-08ef93266395", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "63c2a130-8a5b-452f-ad96-07cf0af12ffe", @@ -3051,6 +3480,15 @@ "FinSpy" ] }, + "related": [ + { + "dest-uuid": "541b64bc-87ec-4cc2-aaee-329355987853", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a5528622-3a8a-4633-86ce-8cdaf8423858", "value": "FinFisher - S0182" }, @@ -3074,6 +3512,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d9cc15f7-0880-4ae4-8df4-87c58338d6b8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "da5880b4-f7da-4869-85f2-e0aba84b8565", @@ -3098,6 +3543,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "4df1b257-c242-46b0-b120-591430066b6f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "5e595477-2e78-4ce7-ae42-e0b059b17808", @@ -3130,6 +3582,15 @@ "Felismus" ] }, + "related": [ + { + "dest-uuid": "07a41ea7-17b2-4852-bfd7-54211c477dc0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "196f1f32-e0c2-4d46-99cd-234d4b6befe1", "value": "Felismus - S0171" }, @@ -3171,6 +3632,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "7f8166e2-c7f4-4b48-a07b-681b61a8f2c1", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "d3afa961-a80c-4043-9509-282cdf69ab21", @@ -3188,6 +3656,15 @@ "RTM" ] }, + "related": [ + { + "dest-uuid": "e6952b4d-e96d-4641-a88f-60074776d553", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "92ec0cbd-2c30-44a2-b270-73f4ec949841", "value": "RTM - S0148" }, @@ -3334,6 +3811,15 @@ "DownPaper" ] }, + "related": [ + { + "dest-uuid": "227862fd-ae83-4e3d-bb69-cc1a45a13aed", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e48df773-7c95-4a4c-ba70-ea3d15900148", "value": "DownPaper - S0186" }, @@ -3493,6 +3979,15 @@ "pngdowner" ] }, + "related": [ + { + "dest-uuid": "fb4313ea-1fb6-4766-8b5c-b41fd347e4c5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "800bdfba-6d66-480f-9f45-15845c05cb5d", "value": "pngdowner - S0067" }, @@ -3508,6 +4003,15 @@ "SslMM" ] }, + "related": [ + { + "dest-uuid": "009db412-762d-4256-8df9-eb213be01ffd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "2fb26586-2b53-4b9a-ad4f-2b3bcb9a2421", "value": "SslMM - S0058" }, @@ -3623,6 +4127,15 @@ "OnionDuke" ] }, + "related": [ + { + "dest-uuid": "abd10caa-7d4c-4c22-8dae-8d32f13232d7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b136d088-a829-432c-ac26-5529c26d4c7e", "value": "OnionDuke - S0052" }, @@ -3709,6 +4222,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "7ea00126-add3-407e-b69d-d4aa1b3049d5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "94379dec-5c87-49db-b36e-66abc0b81344", @@ -3731,6 +4251,15 @@ "DRIFTWOOD" ] }, + "related": [ + { + "dest-uuid": "80f87001-ff40-4e33-bd12-12ed1a92d1d7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "9752aef4-a1f3-4328-929f-b64eb0536090", "value": "RawPOS - S0169" }, @@ -3757,6 +4286,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "6b6cf608-cc2c-40d7-8500-afca3e35e7e4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "6b62e336-176f-417b-856a-8552dd8c44e1", @@ -3776,6 +4312,15 @@ "Enfal" ] }, + "related": [ + { + "dest-uuid": "2a4cacb7-80a1-417e-8b9c-54b4089f35d9", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "251fbae2-78f6-4de7-84f6-194c727a64ad", "value": "Lurid - S0010" }, @@ -3865,6 +4410,20 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d26b5518-8d7f-41a6-b539-231e4962853e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "6bd20349-1231-4aaa-ba2a-f4b09d3b344c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "8ae43c46-57ef-47d5-a77a-eebb35628db2", @@ -3886,5 +4445,5 @@ "value": "ELMER - S0064" } ], - "version": 5 -} + "version": 6 +} \ No newline at end of file diff --git a/clusters/mitre-enterprise-attack-tool.json b/clusters/mitre-enterprise-attack-tool.json index e25ef14..173ec28 100644 --- a/clusters/mitre-enterprise-attack-tool.json +++ b/clusters/mitre-enterprise-attack-tool.json @@ -139,6 +139,15 @@ "UACMe" ] }, + "related": [ + { + "dest-uuid": "ccde5b0d-fe13-48e6-a6f4-4e434ce29371", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "102c3898-85e0-43ee-ae28-62a0a3ed9507", "value": "UACMe - S0116" }, @@ -302,6 +311,15 @@ "gsecdump" ] }, + "related": [ + { + "dest-uuid": "8410d208-7450-407d-b56c-e5c1ced19632", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b07c2c47-fefb-4d7c-a69e-6a3296171f54", "value": "gsecdump - S0008" }, @@ -427,6 +445,15 @@ "HUC Packet Transmit Tool" ] }, + "related": [ + { + "dest-uuid": "3fb18a77-91ef-4c68-a9a9-fa6bdbea38e8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d5e96a35-7b0b-4c6a-9533-d63ecbda563e", "value": "HTRAN - S0040" }, @@ -751,6 +778,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "1a1d3ea4-972e-4c48-8d85-08d9db8f1550", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "aafea02e-ece5-4bb2-91a6-3bf8c7f38a39", @@ -772,5 +806,5 @@ "value": "Invoke-PSImage - S0231" } ], - "version": 5 -} + "version": 6 +} \ No newline at end of file diff --git a/clusters/mitre-malware.json b/clusters/mitre-malware.json index 082cc8d..438f4ec 100644 --- a/clusters/mitre-malware.json +++ b/clusters/mitre-malware.json @@ -49,6 +49,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "f4cac204-3d3f-4bb6-84bd-fc27b2f5158c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "SOUNDBITE" @@ -139,6 +146,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "b376580e-aba1-4ac9-9c2d-2df429efecf6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "TEXTMATE" @@ -156,6 +170,15 @@ ], "uuid": "fde50aaa-f5de-4cb8-989a-babb57d6a704" }, + "related": [ + { + "dest-uuid": "0bc03bfa-1439-4162-bb33-ec9f8f952ee5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "Net Crawler" }, { @@ -178,6 +201,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "82c644ab-550a-4a83-9b35-d545f4719069", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "BlackEnergy" @@ -233,6 +263,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "c04fc02e-f35a-44b6-a9b0-732bf2fc551a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "Backdoor.Oldrea" @@ -260,6 +297,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "6eee9bf9-ffce-4c88-a5ad-9d80f6fc727c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "ChChes" @@ -333,6 +377,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "e6a077cb-42cc-4193-9006-9ceda8c0dff2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "Downdelph" @@ -400,6 +451,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d26b5518-8d7f-41a6-b539-231e4962853e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "Komplex" @@ -485,6 +543,15 @@ ], "uuid": "22addc7b-b39f-483d-979a-1b35147da5de" }, + "related": [ + { + "dest-uuid": "6a100902-7204-4f20-b838-545ed86d4428", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "WinMM" }, { @@ -507,6 +574,15 @@ ], "uuid": "7f8730af-f683-423f-9ee1-5f6875a80481" }, + "related": [ + { + "dest-uuid": "2ae57534-6aac-4025-8d93-888dab112b45", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "Sys10" }, { @@ -608,6 +684,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "35e00ff0-704e-4e61-b9bb-9ed20a4a008f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "BS2005" @@ -663,6 +746,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "036bd099-fe80-46c2-9c4c-e5c6df8dcdee", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "PlugX" @@ -683,6 +773,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "4df1b257-c242-46b0-b120-591430066b6f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "POSHSPY" @@ -696,6 +793,15 @@ ], "uuid": "0db09158-6e48-4e7c-8ce7-2b10b9c0c039" }, + "related": [ + { + "dest-uuid": "d1597713-fe7a-45bd-8b59-1a13c7e097d8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "Misdat" }, { @@ -741,6 +847,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "8465177f-16c8-47fc-a4c8-f4c0409fe460", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "MoonWind" @@ -772,6 +885,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "a61fc694-a88a-484d-a648-db35b49932fd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "Crimson" @@ -785,6 +905,15 @@ ], "uuid": "6b616fc1-1505-48e3-8b2c-0d19337bff38" }, + "related": [ + { + "dest-uuid": "53e94bc9-c8d2-4fb6-9c02-00841e454050", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "Rover" }, { @@ -807,6 +936,15 @@ ], "uuid": "00c3bfcb-99bd-4767-8c03-b08f585f5c8a" }, + "related": [ + { + "dest-uuid": "c79f5876-e3b9-417a-8eaf-8f1b01a0fecd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "PowerDuke" }, { @@ -880,6 +1018,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "7789fc1b-3cbc-4a1c-8ef0-8b06760f93e7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "PoisonIvy" @@ -897,6 +1042,15 @@ ], "uuid": "72f54d66-675d-4587-9bd3-4ed09f9522e4" }, + "related": [ + { + "dest-uuid": "8c246ec4-eaa5-42c0-b137-29f28cbb6832", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "Carbanak" }, { @@ -1029,6 +1183,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "53089817-6d65-4802-a7d2-5ccc3d919b74", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "XTunnel" @@ -1081,6 +1242,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "e88eb9b1-dc8b-4696-8dcf-0c29924d0f8b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "Sakula" @@ -1125,6 +1293,15 @@ ], "uuid": "53cf6cc4-65aa-445a-bcf8-c3d296f8a7a2" }, + "related": [ + { + "dest-uuid": "3bb8052e-8ed2-48e3-a2cf-7358bae8c6b5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "NETEAGLE" }, { @@ -1209,6 +1386,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "4cbe9373-6b5e-42d0-9750-e0b7fc0d58bb", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "Regin" @@ -1233,6 +1417,15 @@ ], "uuid": "5f9f7648-04ba-4a9f-bb4c-2a13e74572bd" }, + "related": [ + { + "dest-uuid": "d5138738-846e-4466-830c-cd2bb6ad09cf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "Pteranodon" }, { @@ -1300,6 +1493,15 @@ ], "uuid": "26fed817-e7bf-41f9-829a-9075ffac45c2" }, + "related": [ + { + "dest-uuid": "3760920e-4d1a-40d8-9e60-508079499076", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "Kasidet" }, { @@ -1341,6 +1543,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "0a7d9d22-a26d-4a2b-ab9b-b296176c3ecf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "CHOPSTICK" @@ -1365,6 +1574,15 @@ ], "uuid": "64d76fa5-cf8f-469c-b78c-1a4f7c5bad80" }, + "related": [ + { + "dest-uuid": "cad1d6db-3a6c-4d67-8f6e-627d8a168d6a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "BBSRAT" }, { @@ -1388,6 +1606,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "3477a25d-e04b-475e-8330-39f66c10cc01", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "Elise" @@ -1428,6 +1653,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d674ffd2-1f27-403b-8fe9-b4af6e303e5c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "Uroburos" @@ -1460,6 +1692,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "b376580e-aba1-4ac9-9c2d-2df429efecf6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "POWERSOURCE" @@ -1676,6 +1915,20 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d26b5518-8d7f-41a6-b539-231e4962853e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "6bd20349-1231-4aaa-ba2a-f4b09d3b344c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "CORESHELL" @@ -1694,6 +1947,15 @@ ], "uuid": "69d6f4a9-fcf0-4f51-bca7-597c51ad0bb8" }, + "related": [ + { + "dest-uuid": "6a3c3fbc-97ec-4938-b64e-2679e4b73db9", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "Remsec" }, { @@ -1732,6 +1994,15 @@ ], "uuid": "67e6d66b-1b82-4699-b47a-e2efb6268d14" }, + "related": [ + { + "dest-uuid": "1d07212e-6292-40a4-a5e9-30aef83b6207", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "SeaDuke" }, { @@ -1785,6 +2056,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "21ab9e14-602a-4a76-a308-dbf5d6a91d75", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "ADVSTORESHELL" @@ -1816,6 +2094,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "3a26ee44-3224-48f3-aefb-3978c972d928", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "NetTraveler" @@ -1836,6 +2121,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "1ecbcd20-f238-47ef-874b-08ef93266395", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "Dyre" @@ -1873,6 +2165,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d9cc15f7-0880-4ae4-8df4-87c58338d6b8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "ComRAT" @@ -1895,6 +2194,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "7f8166e2-c7f4-4b48-a07b-681b61a8f2c1", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "Winnti" @@ -1934,6 +2240,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "a70e93a7-3578-47e1-9926-0818979ed866", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "RedLeaves" @@ -1947,6 +2260,15 @@ ], "uuid": "92ec0cbd-2c30-44a2-b270-73f4ec949841" }, + "related": [ + { + "dest-uuid": "e6952b4d-e96d-4641-a88f-60074776d553", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "RTM" }, { @@ -2026,6 +2348,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "438c6d0f-03f0-4b49-89d2-40bf5349c3fc", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "EvilGrab" @@ -2176,6 +2505,15 @@ ], "uuid": "800bdfba-6d66-480f-9f45-15845c05cb5d" }, + "related": [ + { + "dest-uuid": "fb4313ea-1fb6-4766-8b5c-b41fd347e4c5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "pngdowner" }, { @@ -2187,6 +2525,15 @@ ], "uuid": "2fb26586-2b53-4b9a-ad4f-2b3bcb9a2421" }, + "related": [ + { + "dest-uuid": "009db412-762d-4256-8df9-eb213be01ffd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "SslMM" }, { @@ -2273,6 +2620,15 @@ ], "uuid": "b136d088-a829-432c-ac26-5529c26d4c7e" }, + "related": [ + { + "dest-uuid": "abd10caa-7d4c-4c22-8dae-8d32f13232d7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "OnionDuke" }, { @@ -2315,6 +2671,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "7ea00126-add3-407e-b69d-d4aa1b3049d5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "Derusbi" @@ -2342,6 +2705,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "6b6cf608-cc2c-40d7-8500-afca3e35e7e4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "Epic" @@ -2360,6 +2730,15 @@ ], "uuid": "251fbae2-78f6-4de7-84f6-194c727a64ad" }, + "related": [ + { + "dest-uuid": "2a4cacb7-80a1-417e-8b9c-54b4089f35d9", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "Lurid" }, { @@ -2443,6 +2822,20 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d26b5518-8d7f-41a6-b539-231e4962853e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "6bd20349-1231-4aaa-ba2a-f4b09d3b344c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "JHUHUGIT" @@ -2459,5 +2852,5 @@ "value": "ELMER" } ], - "version": 5 -} + "version": 6 +} \ No newline at end of file diff --git a/clusters/mitre-mobile-attack-intrusion-set.json b/clusters/mitre-mobile-attack-intrusion-set.json index c62a195..9155ef7 100644 --- a/clusters/mitre-mobile-attack-intrusion-set.json +++ b/clusters/mitre-mobile-attack-intrusion-set.json @@ -72,11 +72,25 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d26b5518-8d7f-41a6-b539-231e4962853e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "6bd20349-1231-4aaa-ba2a-f4b09d3b344c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "bef4c620-0787-42a8-a96d-b7eb6e85917c", "value": "APT28 - G0007" } ], - "version": 4 -} + "version": 5 +} \ No newline at end of file diff --git a/clusters/mitre-mobile-attack-malware.json b/clusters/mitre-mobile-attack-malware.json index 02e6941..e734b37 100644 --- a/clusters/mitre-mobile-attack-malware.json +++ b/clusters/mitre-mobile-attack-malware.json @@ -20,6 +20,15 @@ "AndroRAT" ] }, + "related": [ + { + "dest-uuid": "80447111-8085-40a4-a052-420926091ac6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a3dad2be-ce62-4440-953b-00fbce7aba93", "value": "AndroRAT - MOB-S0008" }, @@ -49,6 +58,15 @@ "DualToy" ] }, + "related": [ + { + "dest-uuid": "8269e779-db23-4c94-aafb-36ee94879417", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "507fe748-5e4a-4b45-9e9f-8b1115f4e878", "value": "DualToy - MOB-S0031" }, @@ -161,6 +179,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "52acea22-7d88-433c-99e6-8fef1657e3ad", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "33d9d91d-aad9-49d5-a516-220ce101ac8a", @@ -301,6 +326,15 @@ "WireLurker" ] }, + "related": [ + { + "dest-uuid": "bc32df24-8e80-44bc-80b0-6a4d55661aa5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "326eaf7b-5784-4f08-8fc2-61fd5d5bc5fb", "value": "WireLurker - MOB-S0028" }, @@ -413,6 +447,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "0a7d9d22-a26d-4a2b-ab9b-b296176c3ecf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "56660521-6db4-4e5a-a927-464f22954b7c", @@ -550,6 +591,15 @@ "Charger" ] }, + "related": [ + { + "dest-uuid": "6e0545df-8df6-4990-971c-e96c4c60d561", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d1c600f8-0fb6-4367-921b-85b71947d950", "value": "Charger - MOB-S0039" }, @@ -588,6 +638,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "52acea22-7d88-433c-99e6-8fef1657e3ad", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "93799a9d-3537-43d8-b6f4-17215de1657c", @@ -610,5 +667,5 @@ "value": "XcodeGhost - MOB-S0013" } ], - "version": 4 -} + "version": 5 +} \ No newline at end of file diff --git a/clusters/mitre-mobile-attack-tool.json b/clusters/mitre-mobile-attack-tool.json index 36c7a0c..ef82aa8 100644 --- a/clusters/mitre-mobile-attack-tool.json +++ b/clusters/mitre-mobile-attack-tool.json @@ -27,11 +27,25 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "4cfa42a3-71d9-43e2-bf23-daa79f326387", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "5a78ec38-8b93-4dde-a99e-0c9b77674838", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "da21929e-40c0-443d-bdf4-6b60d15448b4", "value": "Xbot - MOB-S0014" } ], - "version": 4 -} + "version": 5 +} \ No newline at end of file diff --git a/clusters/mitre-tool.json b/clusters/mitre-tool.json index c02d55a..170390c 100644 --- a/clusters/mitre-tool.json +++ b/clusters/mitre-tool.json @@ -88,6 +88,15 @@ ], "uuid": "102c3898-85e0-43ee-ae28-62a0a3ed9507" }, + "related": [ + { + "dest-uuid": "ccde5b0d-fe13-48e6-a6f4-4e434ce29371", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "UACMe" }, { @@ -187,6 +196,15 @@ ], "uuid": "b07c2c47-fefb-4d7c-a69e-6a3296171f54" }, + "related": [ + { + "dest-uuid": "8410d208-7450-407d-b56c-e5c1ced19632", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "gsecdump" }, { @@ -319,6 +337,15 @@ ], "uuid": "d5e96a35-7b0b-4c6a-9533-d63ecbda563e" }, + "related": [ + { + "dest-uuid": "3fb18a77-91ef-4c68-a9a9-fa6bdbea38e8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "value": "HTRAN" }, { @@ -451,6 +478,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "1a1d3ea4-972e-4c48-8d85-08d9db8f1550", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "value": "Cobalt Strike" @@ -472,5 +506,5 @@ "value": "Reg" } ], - "version": 5 -} + "version": 6 +} \ No newline at end of file diff --git a/clusters/ransomware.json b/clusters/ransomware.json index 90dbc50..0218fa3 100644 --- a/clusters/ransomware.json +++ b/clusters/ransomware.json @@ -876,6 +876,15 @@ "https://www.bleepingcomputer.com/news/security/hermes-ransomware-decrypted-in-live-video-by-emsisofts-fabian-wosar/" ] }, + "related": [ + { + "dest-uuid": "4d8da0af-cfd7-4990-b211-af0e9906eca0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b7102922-8aad-4b29-8518-6d87c3ba45bb", "value": "Hermes Ransomware" }, @@ -1265,6 +1274,15 @@ "https://twitter.com/Xylit0l/status/821757718885236740" ] }, + "related": [ + { + "dest-uuid": "5639f7db-ab70-4b86-8a2f-9c4e3927ba91", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "61d8bba8-7b22-493f-b023-97ffe7f17caf", "value": "Satan Ransomware" }, @@ -1902,6 +1920,15 @@ "https://twitter.com/JaromirHorejsi/status/815557601312329728" ] }, + "related": [ + { + "dest-uuid": "cd5f5165-7bd3-4430-b0bc-2c8fa518f618", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f762860a-5e7a-43bf-bef4-06bd27e0b023", "value": "Red Alert" }, @@ -2164,6 +2191,15 @@ "https://twitter.com/PolarToffee/status/812331918633172992" ] }, + "related": [ + { + "dest-uuid": "5060756f-8385-465d-a7dd-7bf09a54da92", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "dd356ed3-42b8-4587-ae53-95f933517612", "value": "Alphabet Ransomware" }, @@ -2353,6 +2389,15 @@ "Manifestus" ] }, + "related": [ + { + "dest-uuid": "5b75db42-b8f2-4e52-81d3-f329e49e1af2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "52caade6-ba7b-474e-b173-63f4332aa808", "value": "EnkripsiPC Ransomware" }, @@ -2473,6 +2518,15 @@ "GlobeImposter" ] }, + "related": [ + { + "dest-uuid": "73806c57-cef8-4f7b-a78b-7949ef83b2c2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e03873ef-9e3d-4d07-85d8-e22a55f60c19", "value": "Fake Globe Ransomware" }, @@ -4423,6 +4477,15 @@ "WCRY" ] }, + "related": [ + { + "dest-uuid": "ad67ff31-2a02-43f9-8b12-7df7e4fcccd6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d62ab8d5-4ba1-4c45-8a63-13fdb099b33c", "value": "WannaCry" }, @@ -4484,6 +4547,15 @@ "7ev3n-HONE$T" ] }, + "related": [ + { + "dest-uuid": "ac2608e9-7851-409f-b842-e265b877a53c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "664701d6-7948-4e80-a333-1d1938103ba1", "value": "7ev3n" }, @@ -4592,6 +4664,15 @@ "AlphaLocker" ] }, + "related": [ + { + "dest-uuid": "c1b9e8c5-9283-4dbe-af10-45956a446fb7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a27fff00-995a-4598-ba00-05921bf20e80", "value": "Alpha Ransomware" }, @@ -4676,6 +4757,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "e87d9df4-b464-4458-ae1f-31cea40d5f96", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "e38b8876-5780-4574-9adf-304e9d659bdb", @@ -4809,6 +4897,15 @@ "BaCrypt" ] }, + "related": [ + { + "dest-uuid": "1dfd3ba6-7f82-407f-958d-c4a2ac055123", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "3cf2c880-e0b5-4311-9c4e-6293f2a566e7", "value": "Bart" }, @@ -5004,6 +5101,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "980ea9fa-d29d-4a44-bb87-0c050f8ddeaf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "8ff729d9-aee5-4b85-a59d-3f57e105be40", @@ -5041,6 +5145,15 @@ "CRBR ENCRYPTOR" ] }, + "related": [ + { + "dest-uuid": "79a7203a-6ea5-4c39-abd4-faa20cf8821a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "190edf95-9cd9-4e4a-a228-b716d52a751b", "value": "Cerber" }, @@ -5181,6 +5294,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "980ea9fa-d29d-4a44-bb87-0c050f8ddeaf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "629f6986-2c1f-4d0a-b805-e4ef3e2ce634", @@ -5323,6 +5443,15 @@ "Ranscam" ] }, + "related": [ + { + "dest-uuid": "50c92b0b-cae3-41e7-b7d8-dffc2c88ac4b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "383d7ebb-9b08-4874-b5d7-dc02b499c38f", "value": "CryptoFinancial" }, @@ -5344,6 +5473,20 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "ae4aa1ef-4da0-4952-9583-9d47f84edad9", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "7f6cd579-b021-4896-80da-fcc07c35c8b2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "26c8b446-305c-4057-83bc-85b09630281e", @@ -5375,6 +5518,15 @@ "ROI Locker" ] }, + "related": [ + { + "dest-uuid": "54cd671e-b7e4-4dd3-9bfa-dc0ba5105944", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "dba2cf74-16a9-4ed8-8536-6542fda95999", "value": "CryptoHost" }, @@ -5415,6 +5567,15 @@ "https://reaqta.com/2016/04/uncovering-ransomware-distribution-operation-part-2/" ] }, + "related": [ + { + "dest-uuid": "c5a783da-9ff3-4427-84c5-428480b21cc7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b35b1ca2-f99c-4495-97a5-b8f30225cb90", "value": "CryptoLocker" }, @@ -5496,6 +5657,15 @@ "Zeta" ] }, + "related": [ + { + "dest-uuid": "55d5742e-20f5-4c9a-887a-4dbd5b37d921", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "c76110ea-15f1-4adf-a28d-c707374dbb3a", "value": "CryptoMix" }, @@ -5506,6 +5676,15 @@ "https://twitter.com/malwrhunterteam/status/817672617658347521" ] }, + "related": [ + { + "dest-uuid": "2f65f056-6cba-4a5b-9aaf-daf31eb76fc2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "de53f392-8794-43d1-a38b-c0b90c20a3fb", "value": "CryptoRansomeware" }, @@ -5822,6 +6001,15 @@ "CyberSplitter" ] }, + "related": [ + { + "dest-uuid": "8bde6075-8c5b-4ff1-be9a-4e2b1d3419aa", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "587589df-ee42-43f4-9480-c65d6e1d7e0f", "value": "Cyber SpLiTTer Vbs" }, @@ -6046,6 +6234,22 @@ "Hidden Tear" ] }, + "related": [ + { + "dest-uuid": "24fe5fef-6325-4c21-9c35-a0ecd185e254", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "b96be762-56a0-4407-be04-fcba76c1ff29", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "254f4f67-d850-4dc5-8ddb-2e955ddea287", "value": "HiddenTear" }, @@ -6286,6 +6490,15 @@ "https://www.bleepingcomputer.com/news/security/firecrypt-ransomware-comes-with-a-ddos-component/" ] }, + "related": [ + { + "dest-uuid": "c4346ed0-1d74-4476-a78c-299bce0409bd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "721ba430-fd28-454c-8512-24339ef2235f", "value": "FireCrypt" }, @@ -6446,6 +6659,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "721e9af0-8a60-4b9e-9137-c23e86d75722", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "390abe30-8b9e-439e-a6d3-2ee978f05fba", @@ -6536,6 +6756,15 @@ "Mamba" ] }, + "related": [ + { + "dest-uuid": "df320366-7970-4af0-b1f4-9f9492dede53", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "95be4cd8-1d98-484f-a328-a5917a05e3c8", "value": "HDDCryptor" }, @@ -6574,6 +6803,15 @@ "https://blog.fortinet.com/2016/06/03/cooking-up-autumn-herbst-ransomware" ] }, + "related": [ + { + "dest-uuid": "ca8482d9-657b-49fe-8345-6ed962a9735a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6489895b-0213-4564-9cfc-777df58d84c9", "value": "Herbst" }, @@ -6781,6 +7019,15 @@ "CryptoHitMan" ] }, + "related": [ + { + "dest-uuid": "910c3fd2-56e5-4f1d-8df0-2aa0b293b7d9", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "1e3384ae-4b48-4c96-b7c2-bc1cc1eda203", "value": "Jigsaw" }, @@ -6835,6 +7082,15 @@ "http://www.welivesecurity.com/2016/03/07/new-mac-ransomware-appears-keranger-spread-via-transmission-app/" ] }, + "related": [ + { + "dest-uuid": "01643bc9-bd61-42e8-b9f1-5fbf83dcd786", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "63292b32-9867-4fb2-9e59-d4983d4fd5d1", "value": "KeRanger" }, @@ -7122,6 +7378,15 @@ "https://www.bleepingcomputer.com/news/security/locky-ransomware-switches-to-egyptian-mythology-with-the-osiris-extension/" ] }, + "related": [ + { + "dest-uuid": "24c9bb9f-1f9a-4e01-95d8-86c51733e11c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "8d51a22e-3485-4480-af96-8ed0305a7aa6", "value": "Locky" }, @@ -7406,6 +7671,15 @@ "http://github.com/Cyberclues/nanolocker-decryptor" ] }, + "related": [ + { + "dest-uuid": "00e1373c-fddf-4b06-9770-e980cc0ada6b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "03a91686-c607-49a8-a4e2-2054833c0013", "value": "NanoLocker" }, @@ -7570,6 +7844,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "32fa6c53-b4fc-47f8-894c-1ea74180e02f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "3c51fc0e-42d8-4ff0-b1bd-5c8c20271a39", @@ -7589,6 +7870,15 @@ "GPCode" ] }, + "related": [ + { + "dest-uuid": "127c3d76-6323-4363-93e0-cd06ade0dd52", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "7914f9c9-3257-464c-b918-3754c4d018af", "value": "OMG! Ransomware" }, @@ -7622,6 +7912,15 @@ "CryptoWire" ] }, + "related": [ + { + "dest-uuid": "bc0c1e48-102c-4e6b-9b86-c442c4798159", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "4bb11db7-17a0-4536-b817-419ae6299004", "value": "Owl" }, @@ -7640,6 +7939,15 @@ "https://twitter.com/malwrhunterteam/status/798141978810732544" ] }, + "related": [ + { + "dest-uuid": "c21335f5-b145-4029-b1bc-161362c7ce80", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "57c5df76-e72f-41b9-be29-89395f83a77c", "value": "PadCrypt" }, @@ -7674,6 +7982,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "bad1057c-4f92-4747-a0ec-31bcc062dab8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "e211ea8d-5042-48ae-86c6-15186d1f8dba", @@ -7696,6 +8011,15 @@ "Goldeneye" ] }, + "related": [ + { + "dest-uuid": "34c9dbaa-97ac-4e1e-9eca-b7c492d67efc", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "7c5a1e93-7ab2-4b08-ada9-e82c4feaed0a", "value": "Petya" }, @@ -7752,6 +8076,15 @@ "https://securelist.com/blog/research/76182/polyglot-the-fake-ctb-locker/" ] }, + "related": [ + { + "dest-uuid": "5ee77368-5e09-4016-ae73-82b99e830832", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b22cafb4-ccef-4935-82f4-631a6e539b8e", "value": "Polyglot" }, @@ -7772,6 +8105,15 @@ "PoshCoder" ] }, + "related": [ + { + "dest-uuid": "5c5beab9-614c-4c86-b369-086234ddb43c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "9fa93bb7-2997-4864-aa0e-0e667990dec8", "value": "PowerWare" }, @@ -7907,6 +8249,15 @@ "http://www.nyxbone.com/malware/radamant.html" ] }, + "related": [ + { + "dest-uuid": "98bcb2b9-bc3a-4ffb-859a-94bd03c1cc3c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "674c3bf6-2e16-427d-ab0f-b91676a460cd", "value": "Radamant" }, @@ -8025,6 +8376,15 @@ "https://www.bleepingcomputer.com/news/security/ransoc-ransomware-extorts-users-who-accessed-questionable-content/" ] }, + "related": [ + { + "dest-uuid": "5310903e-0704-4ca4-ab1b-52d243dddb06", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f0fcbac5-6216-4c3c-adcb-3aa06ab23340", "value": "Ransoc" }, @@ -8136,6 +8496,15 @@ "https://blog.malwarebytes.org/threat-analysis/2016/04/rokku-ransomware/" ] }, + "related": [ + { + "dest-uuid": "38f57823-ccc2-424b-8140-8ba30325af9c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "61184aea-e87b-467d-b36e-cfc75ccb242f", "value": "Rokku" }, @@ -8266,6 +8635,15 @@ "Samsam" ] }, + "related": [ + { + "dest-uuid": "696d78cb-1716-4ca0-b678-c03c7cfec19a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "731e4a5e-35f2-47b1-80ba-150b95fdc14d", "value": "Samas-Samsam" }, @@ -8327,6 +8705,15 @@ "https://blog.kaspersky.com/satana-ransomware/12558/" ] }, + "related": [ + { + "dest-uuid": "09b555be-8bac-44b2-8741-922ee0b87880", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a127a59e-9e4c-4c2b-b833-cabd076c3016", "value": "Satana" }, @@ -8348,6 +8735,15 @@ "http://www.nyxbone.com/malware/Serpico.html" ] }, + "related": [ + { + "dest-uuid": "0d4ca924-7e7e-4385-b14d-f504b4d206e5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "bd4bfbab-c21d-4971-b70c-b180bcf40630", "value": "Serpico" }, @@ -8409,6 +8805,15 @@ "KinCrypt" ] }, + "related": [ + { + "dest-uuid": "77c20bd9-5403-4f99-bae5-c54f3f38a6b6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b9963d52-a391-4e9c-92e7-d2a147d5451f", "value": "Shujin" }, @@ -8760,6 +9165,20 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "ae4aa1ef-4da0-4952-9583-9d47f84edad9", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "7f6cd579-b021-4896-80da-fcc07c35c8b2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "b817ce63-f1c3-49de-bd8b-fd56c3f956c9", @@ -9240,6 +9659,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "721e9af0-8a60-4b9e-9137-c23e86d75722", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "78ef77ac-a570-4fb9-af80-d04c09dff9ab", @@ -9273,6 +9699,15 @@ "https://www.bleepingcomputer.com/news/security/jaff-ransomware-distributed-via-necurs-malspam-and-asking-for-a-3-700-ransom/" ] }, + "related": [ + { + "dest-uuid": "2c51a717-726b-4813-9fcc-1265694b128e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "8e3d44d0-6768-4b54-88b0-2e004a7f2297", "value": "Jaff" }, @@ -9400,6 +9835,15 @@ "Syn Ack" ] }, + "related": [ + { + "dest-uuid": "a396a0bb-6dc5-424a-bdbd-f8ba808ca2c2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "04585cd8-54ae-420f-9191-8ddb9b88a80c", "value": "SynAck" }, @@ -9417,6 +9861,15 @@ "https://www.bleepingcomputer.com/news/security/synccrypt-ransomware-hides-inside-jpg-files-appends-kk-extension/" ] }, + "related": [ + { + "dest-uuid": "e717a26d-17aa-4cd7-88de-dc75aa365232", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "83d10b83-9038-4dd6-b305-f14c21478588", "value": "SyncCrypt" }, @@ -9431,6 +9884,15 @@ "Bad-Rabbit" ] }, + "related": [ + { + "dest-uuid": "6f736038-4f74-435b-8904-6870ee0e23ba", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e8af6388-6575-4812-94a8-9df1567294c5", "value": "Bad Rabbit" }, @@ -9573,6 +10035,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "bad1057c-4f92-4747-a0ec-31bcc062dab8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "091c9923-5939-4bde-9db5-56abfb51f1a2", @@ -9586,6 +10055,15 @@ "https://objective-see.com/blog/blog_0x25.html" ] }, + "related": [ + { + "dest-uuid": "66862f1a-5823-4a9a-bd80-439aaafc1d8b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "7574c7f1-5075-4230-aca9-d6c0956f1fac", "value": "MacRansom" }, @@ -9659,6 +10137,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "32fa6c53-b4fc-47f8-894c-1ea74180e02f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "4f3e494e-0e37-4894-94b2-741a8100f07a", @@ -9675,6 +10160,15 @@ "https://www.eclecticiq.com/resources/thanatos--ransomware-first-ransomware-ask-payment-bitcoin-cash?type=intel-report" ] }, + "related": [ + { + "dest-uuid": "24fabbe0-27a2-4c93-a6a6-c14767efaa25", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "361d7a90-2fde-4fc7-91ed-fdce26eb790f", "value": "Thanatos" }, @@ -10322,6 +10816,15 @@ "https://www.johannesbader.ch/2015/03/the-dga-of-dircrypt/" ] }, + "related": [ + { + "dest-uuid": "61b2dd12-2381-429d-bb64-e3210804a462", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "cdcc59a0-955e-412d-b481-8dff4bce6fdf", "value": "DirCrypt" }, @@ -10616,5 +11119,5 @@ "value": "SAVEfiles" } ], - "version": 37 -} + "version": 38 +} \ No newline at end of file diff --git a/clusters/rat.json b/clusters/rat.json index 6bb8ad1..59eacdb 100644 --- a/clusters/rat.json +++ b/clusters/rat.json @@ -36,6 +36,15 @@ "https://www.cfr.org/interactive/cyber-operations/jaderat" ] }, + "related": [ + { + "dest-uuid": "8804e02c-a139-4c3d-8901-03302ca1faa0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "1cc8963b-5ad4-4e19-8e9a-57b0ff1ef926", "value": "JadeRAT" }, @@ -95,6 +104,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "7789fc1b-3cbc-4a1c-8ef0-8b06760f93e7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "4e104fef-8a2c-4679-b497-6e86d7d47db0", @@ -177,6 +193,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "5086a6e0-53b2-4d96-9eb3-a0237da2e591", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "8a21ae06-d257-48a0-989b-1c9aebedabc2", @@ -288,6 +311,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "8eb9d4aa-257a-45eb-8c65-95c18500171c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "b76d9845-815c-4e77-9538-6b737269da2f", @@ -343,6 +373,15 @@ "https://www.fireeye.com/blog/threat-research/2013/10/know-your-enemy-tracking-a-rapidly-evolving-apt-actor.html" ] }, + "related": [ + { + "dest-uuid": "f9d0e934-879c-4668-b959-6bf7bdc96f5d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "41f45758-0376-42a8-bc07-8f2ffbee3ad2", "value": "Bozok" }, @@ -366,6 +405,15 @@ "http://www.nbcnews.com/id/41584097/ns/technology_and_science-security/t/cybergate-leaked-e-mails-hint-corporate-hacking-conspiracy/" ] }, + "related": [ + { + "dest-uuid": "062d8577-d6e6-4c97-bcac-eb6eb1a50a8d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "c3cf4e88-704b-4d7c-8185-ee780804f3d3", "value": "CyberGate" }, @@ -425,6 +473,15 @@ "JacksBot" ] }, + "related": [ + { + "dest-uuid": "f2a9f583-b4dd-4669-8808-49c8bbacc376", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "1df62d96-88f8-473c-94a2-252eb360ba62", "value": "jRAT" }, @@ -436,6 +493,15 @@ "https://leakforums.net/thread-479505" ] }, + "related": [ + { + "dest-uuid": "ff24997d-1f17-4f00-b9b8-b3392146540f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "669a0e4d-9760-49fc-bdf5-0471f84e0c76", "value": "jSpy" }, @@ -494,6 +560,15 @@ "PredatorPain" ] }, + "related": [ + { + "dest-uuid": "31615066-dbff-4134-b467-d97a337b408b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "42a97a5d-ee33-492a-b20f-758ecdbf1aed", "value": "Predator Pain" }, @@ -583,6 +658,15 @@ "https://www.volexity.com/blog/2017/03/23/have-you-been-haunted-by-the-gh0st-rat-today/" ] }, + "related": [ + { + "dest-uuid": "225fa6cf-dc9c-4b86-873b-cdf1d9dd3738", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "255a59a7-db2d-44fc-9ca9-5859b65817c3", "value": "Gh0st RAT" }, @@ -635,6 +719,15 @@ "https://researchcenter.paloaltonetworks.com/2017/10/unit42-tracking-subaat-targeted-phishing-attacks-point-leader-threat-actors-repository/" ] }, + "related": [ + { + "dest-uuid": "05252643-093b-4070-b62f-d5836683a9fa", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6efa425c-3731-44fd-9224-2a62df061a2d", "value": "Quasar RAT" }, @@ -667,6 +760,15 @@ "https://github.com/shotskeber/Ratty" ] }, + "related": [ + { + "dest-uuid": "da032a95-b02a-4af2-b563-69f686653af4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a51f07ae-ab2c-45ee-aa9c-1db7873e7bb4", "value": "Ratty" }, @@ -964,6 +1066,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "e87d9df4-b464-4458-ae1f-31cea40d5f96", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "d5d3f9de-21b5-482e-b716-5f2f13182990", @@ -1231,6 +1340,15 @@ "https://www.rekings.com/spynote-v4-android-rat/" ] }, + "related": [ + { + "dest-uuid": "31592c69-d540-4617-8253-71ae0c45526c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ea727e26-b3de-44f8-86c5-11a912c7a8aa", "value": "SpyNote" }, @@ -1530,6 +1648,15 @@ "https://www.zscaler.com/blogs/research/cobian-rat-backdoored-rat" ] }, + "related": [ + { + "dest-uuid": "aa553bbd-f6e4-4774-9ec5-4607aa2004b8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "8c49da10-2b59-42c4-81e6-75556decdecb", "value": "Cobian RAT" }, @@ -1693,6 +1820,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d9cc15f7-0880-4ae4-8df4-87c58338d6b8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "9223bf17-7e32-4833-9574-9ffd8c929765", @@ -1786,6 +1920,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "036bd099-fe80-46c2-9c4c-e5c6df8dcdee", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "663f8ef9-4c50-499a-b765-f377d23c1070", @@ -1872,6 +2013,15 @@ "meta": { "date": "2010" }, + "related": [ + { + "dest-uuid": "479353aa-c6d7-47a7-b5f0-3f97fd904864", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ee73e375-3ac2-4ce0-b24b-74fd82d52864", "value": "Erebus" }, @@ -2044,6 +2194,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "1a1d3ea4-972e-4c48-8d85-08d9db8f1550", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "ca44dd5e-fd9e-48b5-99cb-0b2629b9265f", @@ -2075,6 +2232,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "e88eb9b1-dc8b-4696-8dcf-0c29924d0f8b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "3eca2d5f-41bf-4ad4-847f-df18befcdc44", @@ -2121,6 +2285,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "a61fc694-a88a-484d-a648-db35b49932fd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "8d8efbc6-d1b7-4ec8-bab3-591edba337d0", @@ -2231,6 +2402,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "f982fa2d-f78f-4fe1-a86d-d10471a3ebcf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "5b930a23-7d88-481f-8791-abc7b3dd93d2", @@ -2271,6 +2449,15 @@ "http://securityaffairs.co/wordpress/51202/cyber-crime/govrat-2-0-attacks.html" ] }, + "related": [ + { + "dest-uuid": "9fbb5822-1660-4651-9f57-b6f83a881786", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b6ddc2c6-5890-4c60-9b10-4274d1a9cc22", "value": "GovRAT" }, @@ -2352,6 +2539,15 @@ "https://omnirat.eu/en/" ] }, + "related": [ + { + "dest-uuid": "ec936d58-6607-4e33-aa97-0e587bbbdda5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f091dfcb-07f4-4414-849e-c644e7327d94", "value": "OmniRAT" }, @@ -2512,6 +2708,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "8465177f-16c8-47fc-a4c8-f4c0409fe460", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "f266754c-d0aa-4918-95a3-73b28eaa66e3", @@ -2526,6 +2729,15 @@ "https://blog.talosintelligence.com/2018/08/picking-apart-remcos.html" ] }, + "related": [ + { + "dest-uuid": "2894aee2-e0ec-417a-811e-74a68ab967b2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f647cca0-7416-47e9-8342-94b84dd436cc", "value": "Remcos" }, @@ -2537,6 +2749,15 @@ "https://securityintelligence.com/client-maximus-new-remote-overlay-malware-highlights-rising-malcode-sophistication-in-brazil/" ] }, + "related": [ + { + "dest-uuid": "c2bd0771-55d6-4242-986d-4bfd735998ba", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d840e5af-3e6b-49af-ab82-fb4f8740bf55", "value": "Client Maximus" }, @@ -2580,6 +2801,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "a70e93a7-3578-47e1-9926-0818979ed866", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "ad6a1b4a-6d79-40d4-adb7-1d7ca697347e", @@ -2593,6 +2821,15 @@ "http://www.securityweek.com/rurktar-malware-espionage-tool-development" ] }, + "related": [ + { + "dest-uuid": "512e0b13-a52b-45ef-9230-7172f5e976d4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "40bce827-4049-46e4-8323-3ab58f0f00bc", "value": "Rurktar" }, @@ -2667,6 +2904,15 @@ "https://objective-see.com/blog/blog_0x25.html" ] }, + "related": [ + { + "dest-uuid": "c9915d41-d1fb-45bc-997e-5cd9c573d8e7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b7cea5fe-d3fe-47cf-ba82-104c90e130ff", "value": "MacSpy" }, @@ -2692,6 +2938,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "b376580e-aba1-4ac9-9c2d-2df429efecf6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "ee8ccb36-2596-43a3-a044-b8721dbeb2ab", @@ -2747,6 +3000,15 @@ "https://cdn.riskiq.com/wp-content/uploads/2017/10/RiskIQ-htpRAT-Malware-Attacks.pdf?_ga=2.159415805.1155855406.1509033001-1017609577.1507615928" ] }, + "related": [ + { + "dest-uuid": "e8d1a1f3-3170-4562-9a18-cadf000e48d0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "7362581a-a7d1-4060-b225-e227f2df2b60", "value": "htpRAT" }, @@ -2765,6 +3027,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "bbfd4fb4-3e5a-43bf-b4bb-eaf5ef4fb25f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "e0bea149-2def-484f-b658-f782a4f94815", @@ -2839,6 +3108,15 @@ "https://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/" ] }, + "related": [ + { + "dest-uuid": "1a4f99cc-c078-41f8-9749-e1dc524fc795", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "cd6527d1-17a7-4825-8b4b-56e113d0efb1", "value": "ARS VBS Loader" }, @@ -2850,6 +3128,15 @@ "https://labs.bitdefender.com/wp-content/uploads/downloads/radrat-an-all-in-one-toolkit-for-complex-espionage-ops/" ] }, + "related": [ + { + "dest-uuid": "271752e3-67ca-48bc-ade2-30eec11defca", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "5a3df9d7-82de-445e-a218-406b970600d7", "value": "RadRAT" }, @@ -2860,6 +3147,15 @@ "https://www.proofpoint.com/us/threat-insight/post/leaked-source-code-ammyy-admin-turned-flawedammyy-rat" ] }, + "related": [ + { + "dest-uuid": "18419355-fd28-41a6-bffe-2df68a7166c4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "3c1003a2-8364-467a-b9b8-fcc19724a9b5", "value": "FlawedAmmyy" }, @@ -2881,6 +3177,15 @@ "https://blog.talosintelligence.com/2018/05/navrat.html" ] }, + "related": [ + { + "dest-uuid": "ec0cad2c-0c13-491a-a869-1dc1758c8872", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6ea032a0-d54a-463b-b016-2b7b9b9a5b7e", "value": "NavRAT" }, @@ -2901,6 +3206,15 @@ "https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/june/cve-2017-8750-rtf-and-the-sisfader-rat/" ] }, + "related": [ + { + "dest-uuid": "0fba78fc-47a1-45e1-b5df-71bcabd23b5d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b533439d-b060-4c90-80e0-9dce67b0c6fb", "value": "Sisfader" }, @@ -2941,5 +3255,5 @@ "value": "NukeSped" } ], - "version": 18 -} + "version": 19 +} \ No newline at end of file diff --git a/clusters/stealer.json b/clusters/stealer.json index fa1be5f..9171569 100644 --- a/clusters/stealer.json +++ b/clusters/stealer.json @@ -16,6 +16,15 @@ "https://www.proofpoint.com/us/threat-insight/post/thief-night-new-nocturnal-stealer-grabs-data-cheap" ] }, + "related": [ + { + "dest-uuid": "94793dbc-3649-40a4-9ccc-1b32846ecb3a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e7080bce-99b5-4615-a798-a192ed89bd5a", "value": "Nocturnal Stealer" }, @@ -44,5 +53,5 @@ "value": "AZORult" } ], - "version": 2 -} + "version": 3 +} \ No newline at end of file diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index e3d0569..1188868 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -2751,6 +2751,15 @@ "Mythic Leopard" ] }, + "related": [ + { + "dest-uuid": "2a410eea-a9da-11e8-b404-37b7060746c8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "acbb5cad-ffe7-4b0e-a57a-2dbc916e8905", "value": "Operation C-Major" }, @@ -5920,5 +5929,5 @@ "value": "FASTCash" } ], - "version": 69 -} + "version": 70 +} \ No newline at end of file diff --git a/clusters/tool.json b/clusters/tool.json index 9a69d8a..e71f31a 100644 --- a/clusters/tool.json +++ b/clusters/tool.json @@ -43,6 +43,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "5eee35b6-bd21-4b67-b198-e9320fcf2c88", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "75f53ead-1aee-4f91-8cb9-b4170d747cfc", @@ -79,6 +86,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "036bd099-fe80-46c2-9c4c-e5c6df8dcdee", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "f4b159ea-97e5-483b-854b-c48a78d562aa", @@ -139,6 +153,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "7789fc1b-3cbc-4a1c-8ef0-8b06760f93e7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "2abe89de-46dd-4dae-ae22-b49a593aff54", @@ -227,6 +248,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "3477a25d-e04b-475e-8330-39f66c10cc01", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "d70fd29d-590e-4ed5-b72f-6ce0142019c6", @@ -246,6 +274,15 @@ "reco" ] }, + "related": [ + { + "dest-uuid": "686a9217-3978-47c0-9989-dd2a3438ba72", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "7ccd3821-e825-4ff8-b4be-92c9732ce708", "value": "Trojan.Laziok" }, @@ -280,6 +317,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d87e2574-7b9c-4ea7-98eb-88f3e139f6ff", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "f8047de2-fefc-4ee0-825b-f1fae4b20c09", @@ -339,6 +383,15 @@ "Backdoor" ] }, + "related": [ + { + "dest-uuid": "ff611c24-289e-4f2d-88d2-cfbf771a4e4b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a860d257-4a39-47ec-9230-94cac67ebf7e", "value": "njRAT" }, @@ -396,6 +449,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "e88eb9b1-dc8b-4696-8dcf-0c29924d0f8b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "f6c137f0-979c-4ce2-a0e5-2a080a5a1746", @@ -433,6 +493,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "7ea00126-add3-407e-b69d-d4aa1b3049d5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "eff68b97-f36e-4827-ab1a-90523c16774c", @@ -468,6 +535,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "438c6d0f-03f0-4b49-89d2-40bf5349c3fc", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "c9b4ec27-0a43-4671-a967-bcac5df0e056", @@ -543,6 +617,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "3a26ee44-3224-48f3-aefb-3978c972d928", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "59b70721-6fed-4805-afa5-4ff2554bef81", @@ -571,6 +652,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "7f8166e2-c7f4-4b48-a07b-681b61a8f2c1", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "9b3a4cff-1c5a-4fd6-b49c-27240b6d622c", @@ -744,6 +832,15 @@ "Backdoor" ] }, + "related": [ + { + "dest-uuid": "d9cc15f7-0880-4ae4-8df4-87c58338d6b8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "da079741-05e6-458c-b434-011263dc691c", "value": "Agent.BTZ" }, @@ -780,6 +877,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "6b6cf608-cc2c-40d7-8500-afca3e35e7e4", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "36c0faf0-428e-4e7f-93c5-824bb0495ac9", @@ -809,6 +913,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d674ffd2-1f27-403b-8fe9-b4af6e303e5c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "22332d52-c0c2-443c-9ffb-f08c0d23722c", @@ -836,6 +947,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "5086a6e0-53b2-4d96-9eb3-a0237da2e591", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "9ad11139-e928-45cf-a0b4-937290642e92", @@ -894,6 +1012,15 @@ "FAKEM" ] }, + "related": [ + { + "dest-uuid": "b127028b-ecb1-434b-abea-e4df3ca458b9", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "eead5605-0d79-4942-a6c2-efa6853cdf6b", "value": "Fakem RAT" }, @@ -967,6 +1094,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "0a7d9d22-a26d-4a2b-ab9b-b296176c3ecf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "0a32ceea-fa66-47ab-8bde-150dbd6d2e40", @@ -996,6 +1130,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "21ab9e14-602a-4a76-a308-dbf5d6a91d75", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "6374fc53-9a0d-41ba-b9cf-2a9765d69fbb", @@ -1059,6 +1200,20 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d26b5518-8d7f-41a6-b539-231e4962853e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "6bd20349-1231-4aaa-ba2a-f4b09d3b344c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "43cd8a09-9c80-48c8-9568-1992433af60a", @@ -1116,6 +1271,20 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d26b5518-8d7f-41a6-b539-231e4962853e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "6bd20349-1231-4aaa-ba2a-f4b09d3b344c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "1de47f51-1f20-403b-a2e1-5eaabe275faa", @@ -1201,6 +1370,20 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d26b5518-8d7f-41a6-b539-231e4962853e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "6bd20349-1231-4aaa-ba2a-f4b09d3b344c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "3948ce95-468e-4ce1-82b1-57439c6d6afd", @@ -1219,6 +1402,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "c04fc02e-f35a-44b6-a9b0-732bf2fc551a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "d7183f66-59ec-4803-be20-237b442259fc", @@ -1244,6 +1434,15 @@ "value": "KjW0rm" }, { + "related": [ + { + "dest-uuid": "d2414f4a-1eda-4d80-84d3-ed130ca14e3c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "1b591586-e1ef-4a32-8dae-791aca5ddf41", "value": "TinyTyphon" }, @@ -1298,6 +1497,15 @@ "value": "CWoolger" }, { + "related": [ + { + "dest-uuid": "9715c6bc-4b1e-49a2-b1d8-db4f4c4f042c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6ef11b6e-d81a-465b-9dce-fab5c6fe807b", "value": "FireMalv" }, @@ -1319,6 +1527,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "4cbe9373-6b5e-42d0-9750-e0b7fc0d58bb", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "0cf21558-1217-4d36-9536-2919cfd44825", @@ -1351,6 +1566,15 @@ "value": "Flame" }, { + "related": [ + { + "dest-uuid": "6ad84f52-0025-4a9d-861a-65c870f47988", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "1b63293f-13f0-4c25-9bf6-6ebc023fc8ff", "value": "Stuxnet" }, @@ -1359,6 +1583,15 @@ "value": "EquationLaser" }, { + "related": [ + { + "dest-uuid": "c4490972-3403-4043-9d61-899c0a440940", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "3e0c2d35-87cb-40f9-b341-a6c8dbec697e", "value": "EquationDrug" }, @@ -1371,6 +1604,15 @@ "value": "TripleFantasy" }, { + "related": [ + { + "dest-uuid": "6d441619-c5f5-45ff-bc63-24cecd0b237e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "1e25d254-3f03-4752-b8d6-023a23e7d4ae", "value": "Fanny" }, @@ -1379,6 +1621,15 @@ "value": "GrayFish" }, { + "related": [ + { + "dest-uuid": "947dffa1-0184-48d4-998e-1899ad97e93e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "57b221bc-7ed6-4080-bc66-813d17009485", "value": "Babar" }, @@ -1387,6 +1638,15 @@ "value": "Bunny" }, { + "related": [ + { + "dest-uuid": "3198501e-0ff0-43b7-96f0-321b463ab656", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "63b3e6fb-9bb8-43dc-9cbf-7681b049b5d6", "value": "Casper" }, @@ -1419,6 +1679,15 @@ "Sensode" ] }, + "related": [ + { + "dest-uuid": "23920e3b-246a-4172-bf9b-5e9f90510a15", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "5b9dc67e-bae4-44f3-b58d-6d842a744104", "value": "ZXShell" }, @@ -1546,6 +1815,15 @@ "value": "PCClient RAT" }, { + "related": [ + { + "dest-uuid": "5c860744-bb12-4587-a852-ee060fd4dd64", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "8fb00a59-0dec-4d7f-bd53-9826b3929f39", "value": "Plexor" }, @@ -1582,6 +1860,15 @@ "https://www.fireeye.com/blog/threat-research/2014/09/the-path-to-mass-producing-cyber-attacks.html" ] }, + "related": [ + { + "dest-uuid": "ec50a75e-81f0-48b3-b1df-215eac646421", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "c5e3766c-9527-47c3-94db-f10de2c56248", "value": "NewCT" }, @@ -1637,6 +1924,15 @@ "http://pwc.blogs.com/cyber_security_updates/2014/10/scanbox-framework-whos-affected-and-whos-using-it-1.html" ] }, + "related": [ + { + "dest-uuid": "97f12ca8-dc84-4a8c-b4c6-8ec1d1e79631", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "4d4528ff-6260-4b5d-b2ea-6e11ca02c396", "value": "Jolob" }, @@ -1646,6 +1942,15 @@ "https://www.fireeye.com/blog/threat-research/2014/09/the-path-to-mass-producing-cyber-attacks.html" ] }, + "related": [ + { + "dest-uuid": "a3f41c96-a5c8-4dfe-b7fa-d9d75f97979a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b9707a57-d15f-4937-b022-52cc17f6783f", "value": "IsSpace" }, @@ -1665,6 +1970,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d29eb927-d53d-4af2-b6ce-17b3a1b34fe7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "3f7616bd-f1de-46ee-87c2-43c0c2edaa28", @@ -1688,6 +2000,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "35e00ff0-704e-4e61-b9bb-9ed20a4a008f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "25cd01bc-1346-4415-8f8d-d3656309ef6b", @@ -1728,6 +2047,15 @@ "value": "Disgufa" }, { + "related": [ + { + "dest-uuid": "eb189fd3-ca39-4bc7-be2d-4ea9e89d9ab9", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "c0ea7b89-d246-4eb7-8de4-b4e17e135051", "value": "Elirks" }, @@ -1747,6 +2075,20 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "75329c9e-a218-4299-87b2-8f667cd9e40c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "4f3ad937-bf2f-40cb-9695-a2bedfd41bfa", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "75b01a1e-3269-4f4c-bdba-37af4e9c3f54", @@ -1763,6 +2105,15 @@ "Graftor" ] }, + "related": [ + { + "dest-uuid": "94b942e2-cc29-447b-97e2-e496cbf2aadf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f3ac3d86-0fa2-4049-bfbc-1970004b8d32", "value": "Aumlib" }, @@ -1784,6 +2135,15 @@ "Newsripper" ] }, + "related": [ + { + "dest-uuid": "6bf7aa6a-3003-4222-805e-776cb86dc78a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a8395aae-1496-417d-98ee-3ecbcd9a94a0", "value": "Emdivi" }, @@ -1857,6 +2217,22 @@ "Pony" ] }, + "related": [ + { + "dest-uuid": "4166ab63-24b0-4448-92ea-21c8deef978d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "cd201689-4bf1-4c5b-ac4d-21c4dcc39e7d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ff0404a1-465f-4dd5-8b66-ee773628ca64", "value": "Hancitor" }, @@ -1866,6 +2242,15 @@ "https://www.proofpoint.com/us/threat-insight/post/hancitor-ruckguv-reappear" ] }, + "related": [ + { + "dest-uuid": "b88b50c0-3db9-4b8f-8564-4f56f991bee2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d70bd6a8-5fd4-42e8-8e39-fb18daeccdb2", "value": "Ruckguv" }, @@ -1951,6 +2336,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "0a7d9d22-a26d-4a2b-ab9b-b296176c3ecf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "3e2c99f9-66cd-48be-86e9-d7c1c164d87c", @@ -1969,6 +2361,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "53089817-6d65-4802-a7d2-5ccc3d919b74", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "6d180bd7-3c77-4faf-b98b-dc2ab5f49101", @@ -2043,6 +2442,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "a61fc694-a88a-484d-a648-db35b49932fd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "858edfb8-793a-430b-8acc-4310e7d2f0d3", @@ -2103,6 +2509,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "637000f7-4363-44e0-b795-9cfb7a3dc460", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "2a18f5dd-40fc-444b-a7c6-85f94b3eee13", @@ -2115,6 +2528,15 @@ "https://www.symantec.com/connect/blogs/odinaff-new-trojan-used-high-level-financial-attacks" ] }, + "related": [ + { + "dest-uuid": "045df65f-77fe-4880-af34-62ca33936c6e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e2fa7aea-fb33-4efc-b61b-ccae71b32e7d", "value": "Odinaff" }, @@ -2128,6 +2550,15 @@ "Houdini" ] }, + "related": [ + { + "dest-uuid": "94466a80-964f-467e-b4b3-0e1375174464", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e5f7bb36-c982-4f5a-9b29-ab73d2c5f70e", "value": "Hworm" }, @@ -2181,12 +2612,28 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "8eb9d4aa-257a-45eb-8c65-95c18500171c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "ab4694d6-7043-41f2-b328-d93bec9c1b22", "value": "Adwind" }, { + "related": [ + { + "dest-uuid": "af338ac2-8103-4419-8393-fb4f3b43af4b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "066f8ad3-0c99-43eb-990c-8fae2c232f62", "value": "Bedep" }, @@ -2218,16 +2665,55 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "b4216929-1626-4444-bdd7-bfd4b68a766e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "66781866-f064-467d-925d-5e5f290352f0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "276c2c2e-09da-44cf-a3f7-806b3feb41da", "value": "Dridex" }, { + "related": [ + { + "dest-uuid": "cd201689-4bf1-4c5b-ac4d-21c4dcc39e7d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "652b5242-b790-4695-ad0e-b79bbf78f351", "value": "Fareit" }, { + "related": [ + { + "dest-uuid": "81917a93-6a70-4334-afe2-56904c1fafe9", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "40795af6-b721-11e8-9fcb-570c0b384135", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "5fe338c6-723e-43ed-8165-43d95fa93689", "value": "Gafgyt" }, @@ -2240,6 +2726,15 @@ "Andromeda" ] }, + "related": [ + { + "dest-uuid": "07f46d21-a5d4-4359-8873-18e30950df1a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "b9f00c61-6cd1-4112-a632-c8d3837a7ddd", "value": "Gamarue" }, @@ -2251,6 +2746,15 @@ "https://www.bleepingcomputer.com/news/security/worlds-largest-spam-botnet-finds-a-new-way-to-avoid-detection-for-now/" ] }, + "related": [ + { + "dest-uuid": "53ad08a6-cca9-401a-a6da-3c0bff2890eb", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "97d34770-44cc-4ecb-bdce-ba11581c0e2a", "value": "Necurs" }, @@ -2283,6 +2787,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "2ccaccd0-8362-4224-8497-2012e7cc7549", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "ac2ff27d-a7cb-46fe-ae32-cfe571dc614d", @@ -2290,6 +2801,15 @@ }, { "description": "Upatre is a Trojan downloader that is used to set up other threats on the victim's PC. Upatre has been used recently in several high profile Trojan attacks involving the Gameover Trojan. ", + "related": [ + { + "dest-uuid": "925390a6-f88d-46dc-96ae-4ebc9f0b50b0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "99d9110d-85a4-4819-9f85-05e4b73aa5f3", "value": "Upatre" }, @@ -2307,6 +2827,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "b662c253-5c87-4ae6-a30e-541db0845f67", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "e95dd1ba-7485-4c02-bf2e-14beedbcf053", @@ -2349,6 +2876,22 @@ "https://community.rapid7.com/community/infosec/blog/2013/06/07/keyboy-targeted-attacks-against-vietnam-and-india" ] }, + "related": [ + { + "dest-uuid": "28c13455-7f95-40a5-9568-1e8732503507", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "a673b4fb-a864-4a5b-94ab-3fc4f5606cc8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "74167065-90b3-4c29-807a-79b6f098e45b", "value": "KeyBoy" }, @@ -2362,6 +2905,15 @@ "W32/Seeav" ] }, + "related": [ + { + "dest-uuid": "a673b4fb-a864-4a5b-94ab-3fc4f5606cc8", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "2a16a1d4-a098-4f17-80f3-3cfc6c60b539", "value": "Yahoyah" }, @@ -2401,6 +2953,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "variant-of" + }, + { + "dest-uuid": "17e12216-a303-4a00-8283-d3fe92d0934c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "dcbf1aaa-1fdd-4bfc-a35e-145ffdfb5ac5", @@ -2437,6 +2996,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "82c644ab-550a-4a83-9b35-d545f4719069", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "5a22cad7-65fa-4b7a-a7aa-7915a6101efa", @@ -2521,6 +3087,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "4e8c1ab7-2841-4823-a5d1-39284fb0969a", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "0ce448de-c2bb-4c6e-9ad7-c4030f02b4d7", @@ -2540,6 +3113,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "6e668c0c-7085-4951-87d4-0334b6a5cdb3", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "67d712c8-d254-4820-83fa-9a892b87923b", @@ -2578,6 +3158,15 @@ "StrangeLove" ] }, + "related": [ + { + "dest-uuid": "6363cc2f-08f1-47a0-adbf-5cf19ea89ffd", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "74bd8c09-73d5-4ad8-ab1f-e94a4853c936", "value": "MM Core" }, @@ -2607,6 +3196,15 @@ "https://www.bleepingcomputer.com/news/security/new-ghostadmin-malware-used-for-data-theft-and-exfiltration/" ] }, + "related": [ + { + "dest-uuid": "6201c337-1599-4ced-be9e-651a624c20be", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a68f1b43-c742-4f90-974d-2e74ec703e44", "value": "GhostAdmin" }, @@ -2660,6 +3258,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "9b0aa458-dfa9-48af-87ea-c36d1501376c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "ff00fa92-b32e-46b6-88ca-98357ebe3f54", @@ -2924,6 +3529,15 @@ "Backdoor" ] }, + "related": [ + { + "dest-uuid": "7789fc1b-3cbc-4a1c-8ef0-8b06760f93e7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "e336aeba-b61a-44e0-a0df-cd52a5839db5", "value": "poisonivy" }, @@ -3158,6 +3772,15 @@ "https://blogs.forcepoint.com/security-labs/trojanized-adobe-installer-used-install-dragonok%E2%80%99s-new-custom-backdoor" ] }, + "related": [ + { + "dest-uuid": "361d3f09-8bc8-4b5a-803f-8686cf346047", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "72b702d9-43c3-40b9-b004-8d0671225fb8", "value": "KHRAT" }, @@ -3201,6 +3824,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "8465177f-16c8-47fc-a4c8-f4c0409fe460", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "76ec1827-68a1-488f-9899-2b788ea8db64", @@ -3231,6 +3861,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "52acea22-7d88-433c-99e6-8fef1657e3ad", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "9d7c772b-43f1-49cf-bc70-7a7cd2ed34c8", @@ -3244,6 +3881,15 @@ "https://www.welivesecurity.com/2017/04/06/sathurbot-distributed-wordpress-password-attack/" ] }, + "related": [ + { + "dest-uuid": "bdc7cc9c-c46d-4f77-b903-2335cc1a3369", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "35849d8f-5bac-475b-82f8-7d555f37de12", "value": "Sathurbot" }, @@ -3761,6 +4407,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "6eee9bf9-ffce-4c88-a5ad-9d80f6fc727c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "d71604d2-a17e-4b4e-82be-19cb54f93161", @@ -3794,6 +4447,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "a70e93a7-3578-47e1-9926-0818979ed866", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "90124cc8-1205-4e63-83ad-5c45a110b1e6", @@ -4062,6 +4722,15 @@ "http://researchcenter.paloaltonetworks.com/2017/04/unit42-cardinal-rat-active-two-years/" ] }, + "related": [ + { + "dest-uuid": "3d3da4c0-004c-400c-9da6-f83fd35d907e", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "1d9fbf33-faea-40c1-b543-c7b39561f0ff", "value": "Cardinal RAT" }, @@ -4082,6 +4751,15 @@ "http://researchcenter.paloaltonetworks.com/2017/05/unit42-kazuar-multiplatform-espionage-backdoor-api-access/" ] }, + "related": [ + { + "dest-uuid": "bab92070-3589-4b7e-bf05-4f54bfefc2ca", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a5399473-859b-4c64-999b-a3b4070cd513", "value": "Kazuar" }, @@ -4099,6 +4777,22 @@ "TrickLoader" ] }, + "related": [ + { + "dest-uuid": "c824813c-9c79-4917-829a-af72529e8329", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "07e3260b-d80c-4c86-bd28-8adc111bbec6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a7dbd72f-8d53-48c6-a9db-d16e7648b2d4", "value": "Trick Bot" }, @@ -4151,6 +4845,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "ba91d713-c36e-4d98-9fb7-e16496a69eec", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "81f41bae-2ba9-4cec-9613-776be71645ca", @@ -4204,6 +4905,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "f982fa2d-f78f-4fe1-a86d-d10471a3ebcf", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "24ee55e3-697f-482f-8fa8-d05999df40cd", @@ -4256,6 +4964,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d99c0a47-9d61-4d92-86ec-86a87b060d76", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "a33df440-f112-4a5e-a290-3c65dae6091d", @@ -4314,6 +5029,15 @@ "https://www.welivesecurity.com/2017/08/22/gamescom-2017-fun-blackhats/" ] }, + "related": [ + { + "dest-uuid": "8201c8d2-1dab-4473-bbdf-42952b3d5fc6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "673d05fa-4066-442c-bdb6-0c0a2da5ae62", "value": "Joao" }, @@ -4324,6 +5048,15 @@ "https://www.cylance.com/en_us/blog/threat-spotlight-is-fireball-adware-or-malware.html" ] }, + "related": [ + { + "dest-uuid": "9ad28356-184c-4f02-89f5-1b70981598c3", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "968df869-7f60-4420-989f-23dfdbd58668", "value": "Fireball" }, @@ -4334,6 +5067,15 @@ "https://cdn.securelist.com/files/2017/08/ShadowPad_technical_description_PDF.pdf" ] }, + "related": [ + { + "dest-uuid": "e089e945-a523-4d11-a135-396f9b6c1dc7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "2448a4e1-46e3-4c42-9fd1-f51f8ede58c1", "value": "ShadowPad" }, @@ -4365,6 +5107,15 @@ "https://researchcenter.paloaltonetworks.com/2017/03/unit42-dimnie-hiding-plain-sight/" ] }, + "related": [ + { + "dest-uuid": "8f5ce8a6-c5fe-4c62-b25b-6ce0f3b724c5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "9fed4326-a7ad-4c58-ab87-90ac3957d82f", "value": "Dimnie" }, @@ -4385,6 +5136,15 @@ "https://securelist.com/the-silence/83009/" ] }, + "related": [ + { + "dest-uuid": "0df52c23-690b-4703-83f7-5befc38ab376", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "304fd753-c917-4008-8f85-81390c37a070", "value": "Silence" }, @@ -4402,6 +5162,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "bbfd4fb4-3e5a-43bf-b4bb-eaf5ef4fb25f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "0a52e73b-d7e9-45ae-9bda-46568f753931", @@ -4414,6 +5181,15 @@ "https://www.proofpoint.com/us/what-old-new-again-nymaim-moves-past-its-ransomware-roots-0" ] }, + "related": [ + { + "dest-uuid": "9b5255c6-44e5-4ec3-bc03-7e00e220c937", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d36f4834-b958-4f32-aff0-5263e0034408", "value": "Nymaim" }, @@ -4430,6 +5206,15 @@ "Gootkit" ] }, + "related": [ + { + "dest-uuid": "329efac7-922e-4d8b-90a9-4a87c3281753", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "07ffcf9f-b9c0-4b22-af4b-78527427e6f5", "value": "GootKit" }, @@ -4441,6 +5226,15 @@ "https://www.bleepingcomputer.com/news/security/zoho-heavily-used-by-keyloggers-to-transmit-stolen-data/" ] }, + "related": [ + { + "dest-uuid": "b88e29cf-79d9-42bc-b369-0383b5e04380", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f8cd62cb-b9d3-4352-8f46-0961cfde104c", "value": "Agent Tesla" }, @@ -4454,6 +5248,15 @@ "HSDFSDCrypt" ] }, + "related": [ + { + "dest-uuid": "7fd96553-4c78-43de-824f-82645ed4fac5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "1d46f816-d159-4457-b98e-c34307d90655", "value": "Ordinypt" }, @@ -4500,6 +5303,15 @@ "https://www.bleepingcomputer.com/news/security/worlds-largest-spam-botnet-finds-a-new-way-to-avoid-detection-for-now/" ] }, + "related": [ + { + "dest-uuid": "e6005ce5-3e3d-4dfb-8de7-3da45e89e549", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "2d1aadfb-03c1-4580-b6ac-f12c6941067d", "value": "Quant Loader" }, @@ -4510,6 +5322,15 @@ "https://www.welivesecurity.com/2013/01/24/linux-sshdoor-a-backdoored-ssh-daemon-that-steals-passwords/" ] }, + "related": [ + { + "dest-uuid": "275d65b9-0894-4c9b-a255-83daddb2589c", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f258f96c-8281-4b24-8aa7-4e23d1a5540e", "value": "SSHDoor" }, @@ -4599,6 +5420,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "9e5d83a8-1181-43fe-a77f-28c8c75ffbd0", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "1ad4697b-3388-48ed-8621-85abebf5dbbf", @@ -4621,6 +5449,15 @@ "https://www.proofpoint.com/sites/default/files/pfpt-us-wp-north-korea-bitten-by-bitcoin-bug.pdf" ] }, + "related": [ + { + "dest-uuid": "606f778a-8b99-4880-8da8-b923651d627b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "1f1be19e-d1b5-408b-90a0-03ad27cc8924", "value": "PowerRatankba" }, @@ -4667,6 +5504,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "e6a077cb-42cc-4193-9006-9ceda8c0dff2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "837a295c-15ff-41c0-9b7e-5f2fb502b00a", @@ -4679,6 +5523,15 @@ "https://www.welivesecurity.com/2017/09/28/monero-money-mining-malware/" ] }, + "related": [ + { + "dest-uuid": "c57a4168-cd09-4611-a665-bbcede80f42b", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "89bd2020-2594-45c4-8957-522c0ac41370", "value": "CoinMiner" }, @@ -4689,6 +5542,15 @@ "https://objective-see.com/blog/blog_0x25.html#FruitFly" ] }, + "related": [ + { + "dest-uuid": "a517cdd1-6c82-4b29-bdd2-87e281227597", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "6a6525b9-4656-4973-ab45-588592395d0c", "value": "FruitFly" }, @@ -4702,6 +5564,15 @@ "iKitten" ] }, + "related": [ + { + "dest-uuid": "910d3c78-1a9e-4600-a3ea-4aa5563f0f13", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "14f08f6f-7f58-48a8-8469-472244ffb571", "value": "MacDownloader" }, @@ -4735,6 +5606,15 @@ "https://objective-see.com/blog/blog_0x25.html" ] }, + "related": [ + { + "dest-uuid": "aa1bf4e5-9c44-42a2-84e5-7526e4349405", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "4e2f0af2-6d2d-4a49-adc9-fae3745fcb72", "value": "Mughthesec" }, @@ -4745,6 +5625,15 @@ "https://objective-see.com/blog/blog_0x25.html" ] }, + "related": [ + { + "dest-uuid": "70059ec2-9315-4af7-b65b-2ec35676a7bb", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "29e52693-b325-4c14-93de-8f2ff9dca8bf", "value": "Pwnet" }, @@ -4755,6 +5644,15 @@ "https://objective-see.com/blog/blog_0x25.html" ] }, + "related": [ + { + "dest-uuid": "74360d1e-8f85-44d1-8ce7-e76afb652142", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "5bc62523-dc80-46b4-b5cb-9caf44c11552", "value": "CpuMeaner" }, @@ -4788,6 +5686,15 @@ "http://blog.jpcert.or.jp/.s/2018/03/malware-tscooki-7aa0.html" ] }, + "related": [ + { + "dest-uuid": "43a56ed7-8092-4b36-998c-349b02b3bd0d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a71ed71f-b8f4-416d-9c57-910a42e59430", "value": "TSCookie" }, @@ -4830,6 +5737,20 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "bab647d7-c9d6-4697-8fd2-1295c7429e1f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + }, + { + "dest-uuid": "2f899e3e-1a46-43ea-8e68-140603ce943d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "70c31066-237a-11e8-8eff-37ef1ad0c703", @@ -4913,6 +5834,15 @@ "https://www.ncsc.gov.uk/content/files/protected_files/article_files/Turla%20group%20using%20Neuron%20and%20Nautilus%20tools%20alongside%20Snake%20malware_0.pdf" ] }, + "related": [ + { + "dest-uuid": "101c2c0e-c082-4b5a-b820-2da789e839d9", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "5c2eeaec-25e3-11e8-9d28-7f64aba5b173", "value": "Neuron" }, @@ -4923,6 +5853,15 @@ "https://www.ncsc.gov.uk/content/files/protected_files/article_files/Turla%20group%20using%20Neuron%20and%20Nautilus%20tools%20alongside%20Snake%20malware_0.pdf" ] }, + "related": [ + { + "dest-uuid": "d8295eba-60ef-4900-8091-d694180de565", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "73cb7ecc-25e3-11e8-a97b-c35ec4e7dcf8", "value": "Nautilus" }, @@ -5210,6 +6149,15 @@ "https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/apt15-is-alive-and-strong-an-analysis-of-royalcli-and-royaldns/" ] }, + "related": [ + { + "dest-uuid": "92d87656-5e5b-410c-bdb6-bf028324dc72", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "ac04d0b0-c6b5-4125-acd7-c58dfe7ad4cf", "value": "RoyalCli" }, @@ -5228,6 +6176,15 @@ "https://www.us-cert.gov/sites/default/files/publications/MAR-10135536.11.WHITE.pdf" ] }, + "related": [ + { + "dest-uuid": "d31f1c73-d14b-41e2-bb16-81ee1d886e43", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "3784c74-691a-4110-94f6-66e60224aa92", "value": "SHARPKNOT" }, @@ -5241,6 +6198,15 @@ "KillDisk" ] }, + "related": [ + { + "dest-uuid": "e81f3e3f-966c-4c99-8d4b-fc0a1d3bb027", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "aef0fdd4-38b6-11e8-afdd-3b6145112467", "value": "KillDisk Wiper" }, @@ -5278,6 +6244,15 @@ "ROVNIX" ] }, + "related": [ + { + "dest-uuid": "8d984309-b7fa-4ccf-a6b7-da17283aae2f", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "a4036a28-3d94-11e8-ad9f-97ada3c6d5fb", "value": "Rovnix" }, @@ -5288,6 +6263,15 @@ "https://www.symantec.com/blogs/threat-intelligence/orangeworm-targets-healthcare-us-europe-asia" ] }, + "related": [ + { + "dest-uuid": "2fc93875-eebb-41ff-a66e-84471c6cd5a3", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d1e548b8-4793-11e8-8dea-6beff82cac0a", "value": "Kwampirs" }, @@ -5350,6 +6334,15 @@ "https://www.bleepingcomputer.com/news/security/north-korean-hackers-are-up-to-no-good-again/" ] }, + "related": [ + { + "dest-uuid": "bc67677c-c0e7-4fb1-8619-7f43fa3ff886", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d9431c02-5391-11e8-931f-4beceb8bd697", "value": "Bankshot" }, @@ -5415,6 +6408,15 @@ "https://www.us-cert.gov/ncas/alerts/TA18-149A" ] }, + "related": [ + { + "dest-uuid": "d97ae60e-612a-4feb-908a-8c4d32e9d763", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "4c057ade-6989-11e8-9efd-ab33ed427468", "value": "Brambul" }, @@ -5425,6 +6427,15 @@ "https://blog.jpcert.or.jp/2018/06/plead-downloader-used-by-blacktech.html" ] }, + "related": [ + { + "dest-uuid": "43a56ed7-8092-4b36-998c-349b02b3bd0d", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "d1482c9e-6af3-11e8-aa8e-279274bd10c7", "value": "PLEAD" }, @@ -5445,6 +6456,15 @@ "https://www.bleepingcomputer.com/news/security/invisimole-is-a-complex-spyware-that-can-take-pictures-and-record-audio/" ] }, + "related": [ + { + "dest-uuid": "22755fda-497e-4ef0-823e-5cb6d8701420", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "10f50ef8-6e3b-11e8-a648-d73fb4d2f48e", "value": "InvisiMole" }, @@ -5455,6 +6475,15 @@ "https://securelist.com/roaming-mantis-uses-dns-hijacking-to-infect-android-smartphones/85178/" ] }, + "related": [ + { + "dest-uuid": "31d2ce1f-44bf-4738-a41d-ddb43466cd82", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f35f219a-6eed-11e8-980a-93bb96299951", "value": "Roaming Mantis" }, @@ -5497,6 +6526,15 @@ "https://www.bleepingcomputer.com/news/security/malware-that-hit-pyeongchang-olympics-deployed-in-new-attacks/" ] }, + "related": [ + { + "dest-uuid": "f3ba8a50-0105-4aa9-90b2-01df15f50b28", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "76d5c7a2-73c3-11e8-bd92-db4d715af093", "value": "Olympic Destroyer" }, @@ -5507,6 +6545,15 @@ "https://researchcenter.paloaltonetworks.com/2018/06/unit42-rancor-targeted-attacks-south-east-asia-using-plaintee-ddkong-malware-families/" ] }, + "related": [ + { + "dest-uuid": "cae8384d-b01b-4f9c-a31b-f693e12ea6b2", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "57dd0828-79d7-11e8-a7d8-57db14e1ef24", "value": "DDKONG" }, @@ -5517,6 +6564,15 @@ "https://researchcenter.paloaltonetworks.com/2018/06/unit42-rancor-targeted-attacks-south-east-asia-using-plaintee-ddkong-malware-families/" ] }, + "related": [ + { + "dest-uuid": "66087a9c-b5ac-4d6d-b79e-c0294728c876", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "58b24db2-79d7-11e8-9b1b-bbdbc798af4f", "value": "PLAINTEE" }, @@ -5528,6 +6584,15 @@ "https://researchcenter.paloaltonetworks.com/2018/06/unit42-sofacy-groups-parallel-attacks/" ] }, + "related": [ + { + "dest-uuid": "3b5faa15-e87e-4aaf-b791-2c5e593793e6", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f9e0b922-253c-40fa-a6d2-e60ec9c6980b", "value": "Koadic" }, @@ -5539,6 +6604,15 @@ "https://camal.coseinc.com/publish/2013Bisonal.pdf" ] }, + "related": [ + { + "dest-uuid": "52d98d2f-db62-430d-8658-5cadaeff6cd7", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "23f6da78-873a-4ab0-9167-c8b0563627a5", "value": "Bisonal" }, @@ -5615,6 +6689,15 @@ "https://www.crowdstrike.com/blog/arrests-put-new-focus-on-carbon-spider-adversary-group/" ] }, + "related": [ + { + "dest-uuid": "fb75a753-24ba-4b58-b7ed-2e39b0c68c65", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "81faf0c1-0595-436b-a66a-05d8b435bccd", "value": "Bateleur" }, @@ -5635,6 +6718,15 @@ "https://www.sophos.com/en-us/medialibrary/PDFs/technical-papers/SamSam-The-Almost-Six-Million-Dollar-Ransomware.pdf" ] }, + "related": [ + { + "dest-uuid": "9ee0eb87-7648-4581-b301-7472a48946ad", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "2c62f08a-9bd9-11e8-9e20-db9ec0d2b277", "value": "reGeorg" }, @@ -5744,6 +6836,15 @@ "https://www.us-cert.gov/ncas/analysis-reports/AR18-221A" ] }, + "related": [ + { + "dest-uuid": "0c213d7f-8c71-4341-aeb0-13be71fbf4e5", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "f7f53bb8-37ed-4bbe-9809-ca1594431536", "value": "KEYMARBLE" }, @@ -5808,6 +6909,15 @@ "Not Petya" ] }, + "related": [ + { + "dest-uuid": "6f736038-4f74-435b-8904-6870ee0e23ba", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], "uuid": "00c31914-bc0e-11e8-8241-3ff3b5e4671d", "value": "NotPetya" }, @@ -5885,5 +6995,5 @@ "value": "CoalaBot" } ], - "version": 93 -} + "version": 94 +} \ No newline at end of file diff --git a/tools/gen_mapping.py b/tools/gen_mapping.py index d13b10b..6a50eb7 100755 --- a/tools/gen_mapping.py +++ b/tools/gen_mapping.py @@ -54,7 +54,8 @@ type_mapping = { # 'mitre-mobile-attack-course-of-action': '', 'mitre-pre-attack-intrusion-set': 'actor', # 'mitre-enterprise-attack-relationship': '', - 'tds': 'tool' + 'tds': 'tool', + 'malpedia': 'tool' } @@ -103,6 +104,7 @@ if __name__ == '__main__': # ignore the galaxies that are not relevant for us if galaxy not in type_mapping: + print("Ignoring galaxy '{}' as it is not in the mapping.".format(galaxy)) continue # process the entries in each cluster