misp-taxonomies/mwdb/machinetag.json


{
"namespace": "mwdb",
"description": "Malware Database (mwdb) Taxonomy - Tags used across the platform",
"version": 2,
"predicates": [
{
"value": "location_type",
"expanded": "Location Type",
"description": "Type of malicious URL."
},
{
"value": "family",
"expanded": "Malware Family"
}
],
"values": [
{
"predicate": "location_type",
"entry": [
{
"value": "cnc",
"expanded": "CNC",
"description": "C&C (command-and-control) server, usually administered by criminals. Malware connects to it (usually with a custom protocol) to get new commands and updates."
},
{
"value": "download_url",
"expanded": "Download URL",
"description": "Download URL. Used to download more malware samples. Sometimes just a compromised legitimate website."
},
{
"value": "panel",
"expanded": "Panel",
"description": "Malware panel. HTTP service used by criminals to manage the botnet."
},
{
"value": "peer",
"expanded": "Peer",
"description": "Peer. IP/port of an infected machine that belongs to a legitimate computer user."
},
{
"value": "other",
"expanded": "Other",
"description": "Other kind of URL found in the malware."
}
]
},
{
"predicate": "family",
"entry": [
{
"value": "agenttesla",
"expanded": "agenttesla"
},
{
"value": "andromeda",
"expanded": "andromeda"
},
{
"value": "anubis",
"expanded": "anubis"
},
{
"value": "avemaria",
"expanded": "avemaria"
},
{
"value": "azorult",
"expanded": "azorult"
},
{
"value": "brushaloader",
"expanded": "brushaloader"
},
{
"value": "bublik",
"expanded": "bublik"
},
{
"value": "bunitu",
"expanded": "bunitu"
},
{
"value": "cerber",
"expanded": "cerber"
},
{
"value": "chthonic",
"expanded": "chthonic"
},
{
"value": "citadel",
"expanded": "citadel"
},
{
"value": "corebot",
"expanded": "corebot"
},
{
"value": "cryptomix",
"expanded": "cryptomix"
},
{
"value": "cryptoshield",
"expanded": "cryptoshield"
},
{
"value": "cryptowall",
"expanded": "cryptowall"
},
{
"value": "danabot",
"expanded": "danabot"
},
{
"value": "danaloader",
"expanded": "danaloader"
},
{
"value": "dridex",
"expanded": "dridex"
},
{
"value": "dridex-worker",
"expanded": "dridex-worker"
},
{
"value": "dyre",
"expanded": "dyre"
},
{
"value": "emotet",
"expanded": "emotet"
},
{
"value": "emotet5_upnp",
"expanded": "emotet5_upnp"
},
{
"value": "emotet_doc",
"expanded": "emotet_doc"
},
{
"value": "emotet_spam",
"expanded": "emotet_spam"
},
{
"value": "emotet_upnp",
"expanded": "emotet_upnp"
},
{
"value": "evil-pony",
"expanded": "evil-pony"
},
{
"value": "flokibot",
"expanded": "flokibot"
},
{
"value": "formbook",
"expanded": "formbook"
},
{
"value": "gandcrab",
"expanded": "gandcrab"
},
{
"value": "get2",
"expanded": "get2"
},
{
"value": "globeimposter",
"expanded": "globeimposter"
},
{
"value": "gluedropper",
"expanded": "gluedropper"
},
{
"value": "gootkit",
"expanded": "gootkit"
},
{
"value": "h1n1",
"expanded": "h1n1"
},
{
"value": "hancitor",
"expanded": "hancitor"
},
{
"value": "hawkeye",
"expanded": "hawkeye"
},
{
"value": "icedid",
"expanded": "icedid"
},
{
"value": "iceid",
"expanded": "iceid"
},
{
"value": "iceix",
"expanded": "iceix"
},
{
"value": "isfb",
"expanded": "isfb"
},
{
"value": "jaff",
"expanded": "jaff"
},
{
"value": "kbot",
"expanded": "kbot"
},
{
"value": "kegotip",
"expanded": "kegotip"
},
{
"value": "kins",
"expanded": "kins"
},
{
"value": "kovter",
"expanded": "kovter"
},
{
"value": "kpot",
"expanded": "kpot"
},
{
"value": "kronos",
"expanded": "kronos"
},
{
"value": "locky",
"expanded": "locky"
},
{
"value": "lokibot",
"expanded": "lokibot"
},
{
"value": "madlocker",
"expanded": "madlocker"
},
{
"value": "madness_pro",
"expanded": "madness_pro"
},
{
"value": "maoloa",
"expanded": "maoloa"
},
{
"value": "mirai",
"expanded": "mirai"
},
{
"value": "mmbb",
"expanded": "mmbb"
},
{
"value": "nanocore",
"expanded": "nanocore"
},
{
"value": "necurs",
"expanded": "necurs"
},
{
"value": "netwire",
"expanded": "netwire"
},
{
"value": "neutrino",
"expanded": "neutrino"
},
{
"value": "njrat",
"expanded": "njrat"
},
{
"value": "nymaim",
"expanded": "nymaim"
},
{
"value": "odinaff",
"expanded": "odinaff"
},
{
"value": "onliner",
"expanded": "onliner"
},
{
"value": "ostap",
"expanded": "ostap"
},
{
"value": "panda",
"expanded": "panda"
},
{
"value": "phorpiex",
"expanded": "phorpiex"
},
{
"value": "pony",
"expanded": "pony"
},
{
"value": "pushdo",
"expanded": "pushdo"
},
{
"value": "qadars",
"expanded": "qadars"
},
{
"value": "qakbot",
"expanded": "qakbot"
},
{
"value": "quantloader",
"expanded": "quantloader"
},
{
"value": "quasarrat",
"expanded": "quasarrat"
},
{
"value": "ramnit",
"expanded": "ramnit"
},
{
"value": "remcos",
"expanded": "remcos"
},
{
"value": "retefe",
"expanded": "retefe"
},
{
"value": "ruckguv",
"expanded": "ruckguv"
},
{
"value": "sage",
"expanded": "sage"
},
{
"value": "sendsafe",
"expanded": "sendsafe"
},
{
"value": "shifu",
"expanded": "shifu"
},
{
"value": "slave",
"expanded": "slave"
},
{
"value": "smokeloader",
"expanded": "smokeloader"
},
{
"value": "systembc",
"expanded": "systembc"
},
{
"value": "teslacrypt",
"expanded": "teslacrypt"
},
{
"value": "test",
"expanded": "test"
},
{
"value": "testmod",
"expanded": "testmod"
},
{
"value": "tinba",
"expanded": "tinba"
},
{
"value": "tinba_dga",
"expanded": "tinba_dga"
},
{
"value": "tinynuke",
"expanded": "tinynuke"
},
{
"value": "tofsee",
"expanded": "tofsee"
},
{
"value": "torment",
"expanded": "torment"
},
{
"value": "torrentlocker",
"expanded": "torrentlocker"
},
{
"value": "trickbot",
"expanded": "trickbot"
},
{
"value": "troldesh",
"expanded": "troldesh"
},
{
"value": "unknown",
"expanded": "unknown"
},
{
"value": "vawtrak",
"expanded": "vawtrak"
},
{
"value": "vjworm",
"expanded": "vjworm"
},
{
"value": "vmzeus",
"expanded": "vmzeus"
},
{
"value": "vmzeus2",
"expanded": "vmzeus2"
},
{
"value": "wannacry",
"expanded": "wannacry"
},
{
"value": "xagent",
"expanded": "xagent"
},
{
"value": "zeus",
"expanded": "zeus"
},
{
"value": "zloader",
"expanded": "zloader"
}
]
}
]
}