MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [tool] BabyShark added

pull/355/head
Alexandre Dulaunoy 2019-02-22 22:44:44 +01:00
parent 38283f0f86
commit f2c80cbcdd
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
clusters/tool.json
View File

@ -7542,7 +7542,17 @@
},
"uuid": "588b97ff-3434-4aa1-a5fd-815e1bb0178b",
"value": "ANEL"
},
{
"value": "BabyShark",
"uuid": "78ed653d-2d76-4a99-849e-1509e4573c32",
"description": "BabyShark is a relatively new malware. The earliest sample we found from open source repositories and our internal data sets was seen in November 2018. The malware is launched by executing the first stage HTA from a remote location, thus it can be delivered via different file types including PE files as well as malicious documents. It exfiltrates system information to C2 server, maintains persistence on the system, and waits for further instruction from the operator.",
"meta": {
"refs": [
"https://unit42.paloaltonetworks.com/new-babyshark-malware-targets-u-s-national-security-think-tanks/"
]
}
}
],
"version": 109
"version": 110
}