mirror of https://github.com/MISP/misp-galaxy
512 lines
7.3 KiB
JSON
512 lines
7.3 KiB
JSON
{
|
|
"values": [
|
|
{
|
|
"value": "Android Trojan"
|
|
},
|
|
{
|
|
"value": "Backdoor"
|
|
},
|
|
{
|
|
"value": "Banking Trojan"
|
|
},
|
|
{
|
|
"value": "Bot"
|
|
},
|
|
{
|
|
"value": "DDoS malware"
|
|
},
|
|
{
|
|
"value": "Espionage malware"
|
|
},
|
|
{
|
|
"value": "Exploit kit"
|
|
},
|
|
{
|
|
"value": "Keylogger"
|
|
},
|
|
{
|
|
"value": "Mac Backdoor"
|
|
},
|
|
{
|
|
"value": "Mac Trojan"
|
|
},
|
|
{
|
|
"value": "Malware site"
|
|
},
|
|
{
|
|
"value": "RAT"
|
|
},
|
|
{
|
|
"value": "Rootkit"
|
|
},
|
|
{
|
|
"value": "SQLI malware"
|
|
},
|
|
{
|
|
"value": "Toolkit"
|
|
},
|
|
{
|
|
"value": "Trojan"
|
|
},
|
|
{
|
|
"value": "Other"
|
|
},
|
|
{
|
|
"value": "Unknown"
|
|
},
|
|
{
|
|
"value": "Ransomware"
|
|
},
|
|
{
|
|
"value": "Dark Net Market"
|
|
},
|
|
{
|
|
"value": "Destructive"
|
|
},
|
|
{
|
|
"value": "Forums"
|
|
},
|
|
{
|
|
"value": "Domain Registration"
|
|
},
|
|
{
|
|
"value": "POS malware"
|
|
},
|
|
{
|
|
"value": "Hosting"
|
|
},
|
|
{
|
|
"value": "ICS"
|
|
},
|
|
{
|
|
"value": "Android app"
|
|
},
|
|
{
|
|
"value": "Privacy"
|
|
},
|
|
{
|
|
"value": "Safe browsing"
|
|
},
|
|
{
|
|
"value": "Safe internet search"
|
|
},
|
|
{
|
|
"value": "Peer-to-peer"
|
|
},
|
|
{
|
|
"value": "Crypto"
|
|
},
|
|
{
|
|
"value": "Social media"
|
|
},
|
|
{
|
|
"value": "Identity Theft"
|
|
},
|
|
{
|
|
"value": "VPN"
|
|
},
|
|
{
|
|
"value": "Speech recognition software"
|
|
},
|
|
{
|
|
"value": "Encrypted email"
|
|
},
|
|
{
|
|
"value": "Messaging"
|
|
},
|
|
{
|
|
"value": "ATM malware"
|
|
},
|
|
{
|
|
"value": "Network mapper"
|
|
},
|
|
{
|
|
"value": "Pentest tool"
|
|
},
|
|
{
|
|
"value": "Authentication bypass"
|
|
},
|
|
{
|
|
"value": "Phishing infra"
|
|
},
|
|
{
|
|
"value": "Dox and ransom"
|
|
},
|
|
{
|
|
"value": "Hot patching"
|
|
},
|
|
{
|
|
"value": "Arsenal"
|
|
},
|
|
{
|
|
"value": "CVE"
|
|
},
|
|
{
|
|
"value": "Fake website"
|
|
},
|
|
{
|
|
"value": "Information stealer"
|
|
},
|
|
{
|
|
"value": "DoS"
|
|
},
|
|
{
|
|
"value": "Worm"
|
|
},
|
|
{
|
|
"value": "Downloader"
|
|
},
|
|
{
|
|
"value": "Loader"
|
|
},
|
|
{
|
|
"value": "Infostealer"
|
|
},
|
|
{
|
|
"value": "RF Signals Intercepter"
|
|
},
|
|
{
|
|
"value": "Wireless Keystroke Logger"
|
|
},
|
|
{
|
|
"value": "Recon tool"
|
|
},
|
|
{
|
|
"value": "Website"
|
|
},
|
|
{
|
|
"value": "Website recon"
|
|
},
|
|
{
|
|
"value": "Malware features"
|
|
},
|
|
{
|
|
"value": "URL shortener service"
|
|
},
|
|
{
|
|
"value": "Information Warfare"
|
|
},
|
|
{
|
|
"value": "Programming language"
|
|
},
|
|
{
|
|
"value": "Port scanner"
|
|
},
|
|
{
|
|
"value": "Installer"
|
|
},
|
|
{
|
|
"value": "CMS exploitation"
|
|
},
|
|
{
|
|
"value": "Remote execution tool"
|
|
},
|
|
{
|
|
"value": "Service"
|
|
},
|
|
{
|
|
"value": "Money miner"
|
|
},
|
|
{
|
|
"value": "Remote administration tool"
|
|
},
|
|
{
|
|
"value": "First-stage"
|
|
},
|
|
{
|
|
"value": "Dropper"
|
|
},
|
|
{
|
|
"value": "Virtual server penetration"
|
|
},
|
|
{
|
|
"value": "Scripting language"
|
|
},
|
|
{
|
|
"value": "Adware"
|
|
},
|
|
{
|
|
"value": "Obfuscation technique"
|
|
},
|
|
{
|
|
"value": "Drive-by attack"
|
|
},
|
|
{
|
|
"value": "PLC worm"
|
|
},
|
|
{
|
|
"value": "Blog"
|
|
},
|
|
{
|
|
"value": "Account checker"
|
|
},
|
|
{
|
|
"value": "Internet Control"
|
|
},
|
|
{
|
|
"value": "C2"
|
|
},
|
|
{
|
|
"value": "Scanning routers"
|
|
},
|
|
{
|
|
"value": "Take over"
|
|
},
|
|
{
|
|
"value": "Credit Card Fraud"
|
|
},
|
|
{
|
|
"value": "DDoS Tool"
|
|
},
|
|
{
|
|
"value": "IoT bot"
|
|
},
|
|
{
|
|
"value": "Targeting"
|
|
},
|
|
{
|
|
"value": "cryptocurrency"
|
|
},
|
|
{
|
|
"value": "Anti-analysis"
|
|
},
|
|
{
|
|
"value": "persistence"
|
|
},
|
|
{
|
|
"value": "Anti-detection"
|
|
},
|
|
{
|
|
"value": "Phishing-theme"
|
|
},
|
|
{
|
|
"value": "OpSec"
|
|
},
|
|
{
|
|
"value": "Automatic phone calls"
|
|
},
|
|
{
|
|
"value": "Selling"
|
|
},
|
|
{
|
|
"value": "Extortion"
|
|
},
|
|
{
|
|
"value": "Watering hole"
|
|
},
|
|
{
|
|
"value": "Sharing platform"
|
|
},
|
|
{
|
|
"value": "Sideloading"
|
|
},
|
|
{"value": "Operating System"
|
|
},
|
|
{"value": "Sample"
|
|
},
|
|
{"value": "Buffer overflow"
|
|
},
|
|
{
|
|
"value": "Online magazine"
|
|
},
|
|
{
|
|
"value": "Spoofing"
|
|
},
|
|
{
|
|
"value": "Ransomware-as-a-Service"
|
|
},
|
|
{
|
|
"value": "Spambot"
|
|
},
|
|
{
|
|
"value": "HTTP bot"
|
|
},
|
|
{
|
|
"value": "Shop"
|
|
},
|
|
{
|
|
"value": "Password recovery"
|
|
},
|
|
{
|
|
"value": "Password manager"
|
|
},
|
|
{
|
|
"value": "Certificate exploit"
|
|
},
|
|
{
|
|
"value": "Mailer"
|
|
},
|
|
{
|
|
"value": "Card"
|
|
},
|
|
{
|
|
"value": "Powershell agent"
|
|
},
|
|
{
|
|
"value": "Skimmer"
|
|
},
|
|
{
|
|
"value": "Exploit"
|
|
},
|
|
{
|
|
"value": "Medical device tampering"
|
|
},
|
|
{
|
|
"value": "App store"
|
|
},
|
|
{
|
|
"value": "Scareware"
|
|
},
|
|
{
|
|
"value": "Payment platform"
|
|
},
|
|
{
|
|
"value": "Man-in-the-middle"
|
|
},
|
|
{
|
|
"value": "Switch ttack"
|
|
},
|
|
{
|
|
"value": "Switch attack"
|
|
},
|
|
{
|
|
"value": "Browser hijacker"
|
|
},
|
|
{
|
|
"value": "Supply chain attack"
|
|
},
|
|
{
|
|
"value": "Powershell scripts"
|
|
},
|
|
{
|
|
"value": "Malicious iFrame injects"
|
|
},
|
|
{
|
|
"value": "Dumps grabber"
|
|
},
|
|
{
|
|
"value": "Exfiltration tool"
|
|
},
|
|
{
|
|
"value": "Code injection"
|
|
},
|
|
{
|
|
"value": "Mobile malware"
|
|
},
|
|
{
|
|
"value": "Zero-Day"
|
|
},
|
|
{
|
|
"value": "Multi-stage implant framework"
|
|
},
|
|
{
|
|
"value": "Second-stage"
|
|
},
|
|
{
|
|
"value": "IRC"
|
|
},
|
|
{
|
|
"value": "Administration"
|
|
},
|
|
{
|
|
"value": "XSS tool"
|
|
},
|
|
{
|
|
"value": "Tracking program"
|
|
},
|
|
{
|
|
"value": "HTTP loader"
|
|
},
|
|
{
|
|
"value": "Spyware"
|
|
},
|
|
{
|
|
"value": "Bitcoin stealer"
|
|
},
|
|
{
|
|
"value": "Phone bot"
|
|
},
|
|
{
|
|
"value": "Video editor"
|
|
},
|
|
{
|
|
"value": "URL shortening service"
|
|
},
|
|
{
|
|
"value": "Fraud"
|
|
},
|
|
{
|
|
"value": "Spreading mechanisms"
|
|
},
|
|
{
|
|
"value": "Android bot"
|
|
},
|
|
{
|
|
"value": "Disinformation"
|
|
},
|
|
{
|
|
"value": "Mineware"
|
|
},
|
|
{
|
|
"value": "CWE"
|
|
},
|
|
{
|
|
"value": "SCADA malware"
|
|
},
|
|
{
|
|
"value": "Crypter"
|
|
},
|
|
{
|
|
"value": "Phishing"
|
|
},
|
|
{
|
|
"value": "Template injection"
|
|
},
|
|
{
|
|
"value": "Credential stealer"
|
|
},
|
|
{
|
|
"value": "Crypto currency exchange and trading platform"
|
|
},
|
|
{
|
|
"value": "cryptocurrency mining malware"
|
|
},
|
|
{
|
|
"value": "Card shop"
|
|
},
|
|
{
|
|
"value": "Evasion"
|
|
},
|
|
{
|
|
"value": "Browser"
|
|
},
|
|
{
|
|
"value": "Wiper"
|
|
},
|
|
{
|
|
"value": "cryptocurrency cloud mining"
|
|
},
|
|
{
|
|
"value": "Distribution vector"
|
|
},
|
|
{
|
|
"value": "Postscript Abuse"
|
|
},
|
|
{
|
|
"value": "Bolware"
|
|
},
|
|
{
|
|
"value": "Software"
|
|
},
|
|
{
|
|
"value": "Proxy malware"
|
|
}
|
|
],
|
|
"version" : 1,
|
|
"description": "ttp type vocab as defined by Cert EU.",
|
|
"source": "Cert EU",
|
|
"author": ["Cert EU"],
|
|
"uuid": "55224678-b017-11e7-874d-971b517d8cba",
|
|
"type": "ttp-type-vocabulary"
|
|
}
|