Merge pull request #675 from nyx0/main

Add Motnug tool.
pull/676/head
Alexandre Dulaunoy 2022-01-12 22:09:47 +01:00 committed by GitHub
commit ffd2e74daa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 24 additions and 2 deletions


@ -8898,7 +8898,18 @@
}, },
"uuid": "f6d02ac3-3447-4892-b844-1ef31839e04f", "uuid": "f6d02ac3-3447-4892-b844-1ef31839e04f",
"value": "SideCopy" "value": "SideCopy"
},
{
"description": "AQUATIC PANDA is a China-based targeted intrusion adversary with a dual mission of intelligence collection and industrial espionage. It has likely operated since at least May 2020. AQUATIC PANDA operations have primarily focused on entities in the telecommunications, technology and government sectors. AQUATIC PANDA relies heavily on Cobalt Strike, and its toolset includes the unique Cobalt Strike downloader tracked as FishMaster. AQUATIC PANDA has also been observed delivering njRAT payloads to targets.",
"meta": {
"country": "CN",
"refs": [
"https://www.crowdstrike.com/blog/overwatch-exposes-aquatic-panda-in-possession-of-log-4-shell-exploit-tools/"
]
},
"uuid": "676c1129-5664-4698-92ee-031f81baefce",
"value": "AQUATIC PANDA"
} }
], ],
"version": 209 "version": 210
} }
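Review bot: The new AQUATIC PANDA entry sets `"country": "CN"` on the strength of a single vendor reference and gives no `attribution-confidence` value in `meta`, so consumers of the galaxy cannot tell how firmly the attribution is held. The description names Cobalt Strike, FishMaster and njRAT only as free text. If those tools already have clusters, a `related` array such as `"related": [{"dest-uuid": "<UUID-OF-TOOL-CLUSTER>", "type": "uses"}]` (placeholder UUID) would let MISP correlate events tagged with them back to this actor. The reference URL concerns Log4Shell exploit tooling, which the description does not mention; one sentence on that would help defenders triaging related alerts.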


@ -8450,7 +8450,18 @@
}, },
"uuid": "d5b31712-a5b4-4b1c-9a74-4340abc61210", "uuid": "d5b31712-a5b4-4b1c-9a74-4340abc61210",
"value": "ESPecter bootkit" "value": "ESPecter bootkit"
},
{
"description": "Motnug is a simple shellcode loader that is used to load and execute shellcode located either in its overlay or in a separate file stored on disk.",
"meta": {
"refs": [
"https://www.welivesecurity.com/2021/08/24/sidewalk-may-be-as-dangerous-as-crosswalk/",
"https://www.welivesecurity.com/2021/09/23/famoussparrow-suspicious-hotel-guest/"
]
},
"uuid": "f3bae23a-ec73-49cb-8149-f93578bb2bff",
"value": "Motnug"
} }
], ],
"version": 148 "version": 149
} }
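Review bot: The Motnug entry carries no actor context, although both references look like actor write-ups (SideWalk and FamousSparrow, judging by the URLs), so an analyst who matches this loader gets no pivot to the groups reported using it. Adding a `related` array with the UUIDs of the corresponding clusters (for example `"related": [{"dest-uuid": "<UUID-OF-ACTOR-CLUSTER>", "type": "used-by"}]`, placeholder UUID) or naming the reported users in `description` would close that gap. The description says the shellcode is loaded from the file's overlay or from a separate file on disk, so stating which reference documents which variant would help detection engineers decide what to hunt for.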