new: [static/graphs] graphs for MISP galaxy documentation

pull/56/head
Alexandre Dulaunoy 2022-02-01 15:15:50 +01:00
parent 41d5fc3393
commit 5a5bb5b485
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
2408 changed files with 2408 additions and 0 deletions


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"threat-actor=FIN7" [label="threat-actor\nFIN7",shape=octagon,style=filled,color=indianred1];"threat-actor=FIN7" -> "mitre-enterprise-attack-intrusion-set=FIN7 - G0046" [label="similar",dir="both"];"threat-actor=FIN7" -> "mitre-enterprise-attack-intrusion-set=Carbanak - G0008" [label="similar",dir="both"];"mitre-enterprise-attack-intrusion-set=FIN7 - G0046" [label="mitre-enterprise-attack-intrusion-set\nFIN7 - G0046",shape=octagon,style=filled,color=indianred1];"mitre-enterprise-attack-intrusion-set=FIN7 - G0046" -> "mitre-enterprise-attack-attack-pattern=Scheduled Task - T1053" [label="uses",];"mitre-enterprise-attack-intrusion-set=Carbanak - G0008" [label="mitre-enterprise-attack-intrusion-set\nCarbanak - G0008",shape=octagon,style=filled,color=indianred1];"mitre-enterprise-attack-intrusion-set=Carbanak - G0008" -> "mitre-enterprise-attack-attack-pattern=Remote Access Tools - T1219" [label="uses",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-malware=HDoor - S0061" [label="mitre-enterprise-attack-malware\nHDoor - S0061",shape=box,style=filled,color=deepskyblue];"mitre-enterprise-attack-malware=HDoor - S0061" -> "mitre-enterprise-attack-attack-pattern=Disabling Security Tools - T1089" [label="uses",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"tool=NotPetya" [label="tool\nNotPetya",shape=box,style=filled,color=deepskyblue];"tool=NotPetya" -> "ransomware=Bad Rabbit" [label="similar",dir="both"];"tool=NotPetya" -> "malpedia=EternalPetya" [label="similar",dir="both"];"ransomware=Bad Rabbit" [label="ransomware\nBad Rabbit",shape=box,style=filled,color=deepskyblue];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-malware=PowerDuke - S0139" [label="mitre-enterprise-attack-malware\nPowerDuke - S0139",shape=box,style=filled,color=deepskyblue];"mitre-enterprise-attack-malware=PowerDuke - S0139" -> "malpedia=PowerDuke" [label="similar",dir="both"];"mitre-enterprise-attack-malware=PowerDuke - S0139" -> "mitre-enterprise-attack-attack-pattern=File Deletion - T1107" [label="uses",];}

Binary file not shown.


File diff suppressed because one or more lines are too long

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-course-of-action=Password Filter DLL Mitigation - T1174" [label="mitre-enterprise-attack-course-of-action\nPassword Filter DLL Mitigation - T1174",shape=ellipse];"mitre-enterprise-attack-course-of-action=Password Filter DLL Mitigation - T1174" -> "mitre-enterprise-attack-attack-pattern=Password Filter DLL - T1174" [label="mitigates",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"microsoft-activity-group=PARINACOTA" [label="microsoft-activity-group\nPARINACOTA",shape=octagon,style=filled,color=indianred1];"microsoft-activity-group=PARINACOTA" -> "ransomware=Wadhrama" [label="uses",];"ransomware=Wadhrama" [label="ransomware\nWadhrama",shape=box,style=filled,color=deepskyblue];"ransomware=Wadhrama" -> "microsoft-activity-group=PARINACOTA" [label="used-by",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"tool=Covenant" [label="tool\nCovenant",shape=box,style=filled,color=deepskyblue];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"botnet=Sora" [label="botnet\nSora",shape=box,style=filled,color=deepskyblue];"botnet=Sora" -> "botnet=Mirai" [label="variant-of",];"botnet=Sora" -> "tool=Mirai" [label="variant-of",];"botnet=Sora" -> "botnet=Owari" [label="variant-of",];"botnet=Mirai" [label="botnet\nMirai",shape=box,style=filled,color=deepskyblue];"botnet=Mirai" -> "malpedia=Mirai (ELF)" [label="similar",dir="both"];"botnet=Mirai" -> "botnet=Owari" [label="variant-of",];"botnet=Mirai" -> "botnet=Sora" [label="variant-of",];"botnet=Owari" [label="botnet\nOwari",shape=box,style=filled,color=deepskyblue];"botnet=Owari" -> "malpedia=Owari" [label="similar",dir="both"];"botnet=Owari" -> "botnet=Mirai" [label="variant-of",];"botnet=Owari" -> "tool=Mirai" [label="variant-of",];"botnet=Owari" -> "botnet=Sora" [label="variant-of",];"tool=Mirai" [label="tool\nMirai",shape=box,style=filled,color=deepskyblue];"tool=Mirai" -> "botnet=Owari" [label="variant-of",];"tool=Mirai" -> "botnet=Sora" [label="variant-of",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-intrusion-set=NEODYMIUM - G0055" [label="mitre-enterprise-attack-intrusion-set\nNEODYMIUM - G0055",shape=octagon,style=filled,color=indianred1];"mitre-enterprise-attack-intrusion-set=NEODYMIUM - G0055" -> "microsoft-activity-group=NEODYMIUM" [label="similar",dir="both"];"mitre-enterprise-attack-intrusion-set=NEODYMIUM - G0055" -> "threat-actor=NEODYMIUM" [label="similar",dir="both"];"mitre-enterprise-attack-intrusion-set=NEODYMIUM - G0055" -> "mitre-enterprise-attack-malware=Wingbird - S0176" [label="uses",];"microsoft-activity-group=NEODYMIUM" [label="microsoft-activity-group\nNEODYMIUM",shape=octagon,style=filled,color=indianred1];"mitre-enterprise-attack-malware=Wingbird - S0176" [label="mitre-enterprise-attack-malware\nWingbird - S0176",shape=box,style=filled,color=deepskyblue];"mitre-enterprise-attack-malware=Wingbird - S0176" -> "mitre-enterprise-attack-attack-pattern=DLL Side-Loading - T1073" [label="uses",];"threat-actor=NEODYMIUM" [label="threat-actor\nNEODYMIUM",shape=octagon,style=filled,color=indianred1];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"threat-actor=Hurricane Panda" [label="threat-actor\nHurricane Panda",shape=octagon,style=filled,color=indianred1];"threat-actor=Hurricane Panda" -> "mitre-enterprise-attack-intrusion-set=Deep Panda - G0009" [label="similar",dir="both"];"threat-actor=Hurricane Panda" -> "threat-actor=Shell Crew" [label="similar",dir="both"];"threat-actor=Hurricane Panda" -> "threat-actor=Codoso" [label="similar",dir="both"];"mitre-enterprise-attack-intrusion-set=Deep Panda - G0009" [label="mitre-enterprise-attack-intrusion-set\nDeep Panda - G0009",shape=octagon,style=filled,color=indianred1];"mitre-enterprise-attack-intrusion-set=Deep Panda - G0009" -> "mitre-enterprise-attack-attack-pattern=PowerShell - T1086" [label="uses",];"threat-actor=Codoso" [label="threat-actor\nCodoso",shape=octagon,style=filled,color=indianred1];"threat-actor=Shell Crew" [label="threat-actor\nShell Crew",shape=octagon,style=filled,color=indianred1];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-pre-attack-attack-pattern=Acquire OSINT data sets and information - PRE-T1054" [label="mitre-pre-attack-attack-pattern\nAcquire OSINT data sets and information - PRE-T1054",shape=ellipse];"mitre-pre-attack-attack-pattern=Acquire OSINT data sets and information - PRE-T1054" -> "mitre-pre-attack-attack-pattern=Acquire OSINT data sets and information - PRE-T1043" [label="related-to",];"mitre-pre-attack-attack-pattern=Acquire OSINT data sets and information - PRE-T1043" [label="mitre-pre-attack-attack-pattern\nAcquire OSINT data sets and information - PRE-T1043",shape=ellipse];"mitre-pre-attack-attack-pattern=Acquire OSINT data sets and information - PRE-T1043" -> "mitre-pre-attack-attack-pattern=Acquire OSINT data sets and information - PRE-T1054" [label="related-to",];"mitre-pre-attack-attack-pattern=Acquire OSINT data sets and information - PRE-T1043" -> "mitre-pre-attack-attack-pattern=Acquire OSINT data sets and information - PRE-T1024" [label="related-to",];"mitre-pre-attack-attack-pattern=Acquire OSINT data sets and information - PRE-T1024" [label="mitre-pre-attack-attack-pattern\nAcquire OSINT data sets and information - PRE-T1024",shape=ellipse];"mitre-pre-attack-attack-pattern=Acquire OSINT data sets and information - PRE-T1024" -> "mitre-pre-attack-attack-pattern=Acquire OSINT data sets and information - PRE-T1043" [label="related-to",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-course-of-action=Space after Filename Mitigation - T1151" [label="mitre-enterprise-attack-course-of-action\nSpace after Filename Mitigation - T1151",shape=ellipse];"mitre-enterprise-attack-course-of-action=Space after Filename Mitigation - T1151" -> "mitre-enterprise-attack-attack-pattern=Space after Filename - T1151" [label="mitigates",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"rsit=Information Content Security:Unauthorised modification of information" [label="rsit\nInformation Content Security:Unauthorised modification of information",shape=ellipse];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-tool=Net - S0039" [label="mitre-enterprise-attack-tool\nNet - S0039",shape=box,style=filled,color=deepskyblue];"mitre-enterprise-attack-tool=Net - S0039" -> "mitre-enterprise-attack-attack-pattern=Password Policy Discovery - T1201" [label="uses",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-intrusion-set=Elderwood - G0066" [label="mitre-enterprise-attack-intrusion-set\nElderwood - G0066",shape=octagon,style=filled,color=indianred1];"mitre-enterprise-attack-intrusion-set=Elderwood - G0066" -> "threat-actor=Beijing Group" [label="similar",dir="both"];"mitre-enterprise-attack-intrusion-set=Elderwood - G0066" -> "mitre-enterprise-attack-attack-pattern=Drive-by Compromise - T1189" [label="uses",];"threat-actor=Beijing Group" [label="threat-actor\nBeijing Group",shape=octagon,style=filled,color=indianred1];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-malware=Wiarp - S0206" [label="mitre-enterprise-attack-malware\nWiarp - S0206",shape=box,style=filled,color=deepskyblue];"mitre-enterprise-attack-malware=Wiarp - S0206" -> "mitre-enterprise-attack-attack-pattern=Command-Line Interface - T1059" [label="uses",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"ransomware=NanoLocker" [label="ransomware\nNanoLocker",shape=box,style=filled,color=deepskyblue];"ransomware=NanoLocker" -> "malpedia=NanoLocker" [label="similar",dir="both"];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-course-of-action=HISTCONTROL Mitigation - T1148" [label="mitre-enterprise-attack-course-of-action\nHISTCONTROL Mitigation - T1148",shape=ellipse];"mitre-enterprise-attack-course-of-action=HISTCONTROL Mitigation - T1148" -> "mitre-enterprise-attack-attack-pattern=HISTCONTROL - T1148" [label="mitigates",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-pre-attack-attack-pattern=Acquire or compromise 3rd party signing certificates - PRE-T1109" [label="mitre-pre-attack-attack-pattern\nAcquire or compromise 3rd party signing certificates - PRE-T1109",shape=ellipse];"mitre-pre-attack-attack-pattern=Acquire or compromise 3rd party signing certificates - PRE-T1109" -> "mitre-pre-attack-attack-pattern=Acquire or compromise 3rd party signing certificates - PRE-T1087" [label="related-to",];"mitre-pre-attack-attack-pattern=Acquire or compromise 3rd party signing certificates - PRE-T1087" [label="mitre-pre-attack-attack-pattern\nAcquire or compromise 3rd party signing certificates - PRE-T1087",shape=ellipse];"mitre-pre-attack-attack-pattern=Acquire or compromise 3rd party signing certificates - PRE-T1087" -> "mitre-pre-attack-attack-pattern=Acquire or compromise 3rd party signing certificates - PRE-T1109" [label="related-to",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"ransomware=SynAck" [label="ransomware\nSynAck",shape=box,style=filled,color=deepskyblue];"ransomware=SynAck" -> "malpedia=SynAck" [label="similar",dir="both"];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-course-of-action=Credentials in Files Mitigation - T1081" [label="mitre-enterprise-attack-course-of-action\nCredentials in Files Mitigation - T1081",shape=ellipse];"mitre-enterprise-attack-course-of-action=Credentials in Files Mitigation - T1081" -> "mitre-enterprise-attack-attack-pattern=Credentials in Files - T1081" [label="mitigates",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-malware=MURKYTOP - S0233" [label="mitre-enterprise-attack-malware\nMURKYTOP - S0233",shape=box,style=filled,color=deepskyblue];"mitre-enterprise-attack-malware=MURKYTOP - S0233" -> "mitre-enterprise-attack-attack-pattern=Account Discovery - T1087" [label="uses",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-mobile-attack-malware=DroidJack RAT - MOB-S0036" [label="mitre-mobile-attack-malware\nDroidJack RAT - MOB-S0036",shape=box,style=filled,color=deepskyblue];"mitre-mobile-attack-malware=DroidJack RAT - MOB-S0036" -> "mitre-mobile-attack-attack-pattern=Repackaged Application - MOB-T1047" [label="uses",];"mitre-mobile-attack-malware=DroidJack RAT - MOB-S0036" -> "mitre-mobile-attack-attack-pattern=Microphone or Camera Recordings - MOB-T1032" [label="uses",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"android=Rootnik" [label="android\nRootnik",shape=box,style=filled,color=deepskyblue];"android=Rootnik" -> "malpedia=Rootnik" [label="similar",dir="both"];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-course-of-action=Exploitation for Credential Access Mitigation - T1212" [label="mitre-enterprise-attack-course-of-action\nExploitation for Credential Access Mitigation - T1212",shape=ellipse];"mitre-enterprise-attack-course-of-action=Exploitation for Credential Access Mitigation - T1212" -> "mitre-enterprise-attack-attack-pattern=Exploitation for Credential Access - T1212" [label="mitigates",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-course-of-action=Query Registry Mitigation - T1012" [label="mitre-enterprise-attack-course-of-action\nQuery Registry Mitigation - T1012",shape=ellipse];"mitre-enterprise-attack-course-of-action=Query Registry Mitigation - T1012" -> "mitre-enterprise-attack-attack-pattern=Query Registry - T1012" [label="mitigates",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"threat-actor=Shell Crew" [label="threat-actor\nShell Crew",shape=octagon,style=filled,color=indianred1];"threat-actor=Shell Crew" -> "mitre-enterprise-attack-intrusion-set=Deep Panda - G0009" [label="similar",dir="both"];"threat-actor=Shell Crew" -> "threat-actor=Hurricane Panda" [label="similar",dir="both"];"threat-actor=Shell Crew" -> "threat-actor=Codoso" [label="similar",dir="both"];"mitre-enterprise-attack-intrusion-set=Deep Panda - G0009" [label="mitre-enterprise-attack-intrusion-set\nDeep Panda - G0009",shape=octagon,style=filled,color=indianred1];"mitre-enterprise-attack-intrusion-set=Deep Panda - G0009" -> "mitre-enterprise-attack-attack-pattern=PowerShell - T1086" [label="uses",];"threat-actor=Codoso" [label="threat-actor\nCodoso",shape=octagon,style=filled,color=indianred1];"threat-actor=Hurricane Panda" [label="threat-actor\nHurricane Panda",shape=octagon,style=filled,color=indianred1];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"tool=Bedep" [label="tool\nBedep",shape=box,style=filled,color=deepskyblue];"tool=Bedep" -> "malpedia=Bedep" [label="similar",dir="both"];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-course-of-action=Login Item Mitigation - T1162" [label="mitre-enterprise-attack-course-of-action\nLogin Item Mitigation - T1162",shape=ellipse];"mitre-enterprise-attack-course-of-action=Login Item Mitigation - T1162" -> "mitre-enterprise-attack-attack-pattern=Login Item - T1162" [label="mitigates",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"tool=Hikit" [label="tool\nHikit",shape=box,style=filled,color=deepskyblue];"tool=Hikit" -> "mitre-enterprise-attack-malware=Hikit - S0009" [label="similar",dir="both"];"mitre-enterprise-attack-malware=Hikit - S0009" [label="mitre-enterprise-attack-malware\nHikit - S0009",shape=box,style=filled,color=deepskyblue];"mitre-enterprise-attack-malware=Hikit - S0009" -> "mitre-enterprise-attack-attack-pattern=Connection Proxy - T1090" [label="uses",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-malware=Orz - S0229" [label="mitre-enterprise-attack-malware\nOrz - S0229",shape=box,style=filled,color=deepskyblue];"mitre-enterprise-attack-malware=Orz - S0229" -> "malpedia=AIRBREAK" [label="similar",dir="both"];"mitre-enterprise-attack-malware=Orz - S0229" -> "mitre-enterprise-attack-attack-pattern=System Information Discovery - T1082" [label="uses",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-pre-attack-attack-pattern=Identify job postings and needs/gaps - PRE-T1044" [label="mitre-pre-attack-attack-pattern\nIdentify job postings and needs/gaps - PRE-T1044",shape=ellipse];"mitre-pre-attack-attack-pattern=Identify job postings and needs/gaps - PRE-T1044" -> "mitre-pre-attack-attack-pattern=Identify job postings and needs/gaps - PRE-T1055" [label="related-to",];"mitre-pre-attack-attack-pattern=Identify job postings and needs/gaps - PRE-T1055" [label="mitre-pre-attack-attack-pattern\nIdentify job postings and needs/gaps - PRE-T1055",shape=ellipse];"mitre-pre-attack-attack-pattern=Identify job postings and needs/gaps - PRE-T1055" -> "mitre-pre-attack-attack-pattern=Identify job postings and needs/gaps - PRE-T1025" [label="related-to",];"mitre-pre-attack-attack-pattern=Identify job postings and needs/gaps - PRE-T1025" [label="mitre-pre-attack-attack-pattern\nIdentify job postings and needs/gaps - PRE-T1025",shape=ellipse];"mitre-pre-attack-attack-pattern=Identify job postings and needs/gaps - PRE-T1025" -> "mitre-pre-attack-attack-pattern=Identify job postings and needs/gaps - PRE-T1055" [label="related-to",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-course-of-action=Setuid and Setgid Mitigation - T1166" [label="mitre-enterprise-attack-course-of-action\nSetuid and Setgid Mitigation - T1166",shape=ellipse];"mitre-enterprise-attack-course-of-action=Setuid and Setgid Mitigation - T1166" -> "mitre-enterprise-attack-attack-pattern=Setuid and Setgid - T1166" [label="mitigates",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"botnet=Kelihos" [label="botnet\nKelihos",shape=box,style=filled,color=deepskyblue];"botnet=Kelihos" -> "malpedia=Kelihos" [label="similar",dir="both"];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"banker=Trickbot" [label="banker\nTrickbot",shape=box,style=filled,color=deepskyblue];"banker=Trickbot" -> "tool=Trick Bot" [label="similar",dir="both"];"banker=Trickbot" -> "malpedia=TrickBot" [label="similar",dir="both"];"tool=Trick Bot" [label="tool\nTrick Bot",shape=box,style=filled,color=deepskyblue];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"tool=GootKit" [label="tool\nGootKit",shape=box,style=filled,color=deepskyblue];"tool=GootKit" -> "malpedia=GootKit" [label="similar",dir="both"];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-malware=Backdoor.Oldrea - S0093" [label="mitre-enterprise-attack-malware\nBackdoor.Oldrea - S0093",shape=box,style=filled,color=deepskyblue];"mitre-enterprise-attack-malware=Backdoor.Oldrea - S0093" -> "tool=Havex RAT" [label="similar",dir="both"];"mitre-enterprise-attack-malware=Backdoor.Oldrea - S0093" -> "mitre-enterprise-attack-attack-pattern=Process Discovery - T1057" [label="uses",];"tool=Havex RAT" [label="tool\nHavex RAT",shape=box,style=filled,color=deepskyblue];"tool=Havex RAT" -> "malpedia=Havex RAT" [label="similar",dir="both"];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-malware=DOGCALL - S0213" [label="mitre-enterprise-attack-malware\nDOGCALL - S0213",shape=box,style=filled,color=deepskyblue];"mitre-enterprise-attack-malware=DOGCALL - S0213" -> "tool=DOGCALL" [label="similar",dir="both"];"mitre-enterprise-attack-malware=DOGCALL - S0213" -> "mitre-enterprise-attack-attack-pattern=Screen Capture - T1113" [label="uses",];"tool=DOGCALL" [label="tool\nDOGCALL",shape=box,style=filled,color=deepskyblue];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-malware=Downdelph - S0134" [label="mitre-enterprise-attack-malware\nDowndelph - S0134",shape=box,style=filled,color=deepskyblue];"mitre-enterprise-attack-malware=Downdelph - S0134" -> "tool=Downdelph" [label="similar",dir="both"];"mitre-enterprise-attack-malware=Downdelph - S0134" -> "malpedia=Downdelph" [label="similar",dir="both"];"mitre-enterprise-attack-malware=Downdelph - S0134" -> "mitre-enterprise-attack-attack-pattern=Remote File Copy - T1105" [label="uses",];"tool=Downdelph" [label="tool\nDowndelph",shape=box,style=filled,color=deepskyblue];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"tool=HTTPBrowser" [label="tool\nHTTPBrowser",shape=box,style=filled,color=deepskyblue];"tool=HTTPBrowser" -> "mitre-enterprise-attack-malware=HTTPBrowser - S0070" [label="similar",dir="both"];"mitre-enterprise-attack-malware=HTTPBrowser - S0070" [label="mitre-enterprise-attack-malware\nHTTPBrowser - S0070",shape=box,style=filled,color=deepskyblue];"mitre-enterprise-attack-malware=HTTPBrowser - S0070" -> "mitre-enterprise-attack-attack-pattern=Remote File Copy - T1105" [label="uses",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-intrusion-set=APT17 - G0025" [label="mitre-enterprise-attack-intrusion-set\nAPT17 - G0025",shape=octagon,style=filled,color=indianred1];"mitre-enterprise-attack-intrusion-set=APT17 - G0025" -> "mitre-enterprise-attack-intrusion-set=Winnti Group - G0044" [label="similar",dir="both"];"mitre-enterprise-attack-intrusion-set=APT17 - G0025" -> "threat-actor=Axiom" [label="similar",dir="both"];"mitre-enterprise-attack-intrusion-set=APT17 - G0025" -> "threat-actor=Aurora Panda" [label="similar",dir="both"];"mitre-enterprise-attack-intrusion-set=APT17 - G0025" -> "mitre-enterprise-attack-intrusion-set=Axiom - G0001" [label="similar",dir="both"];"mitre-pre-attack-intrusion-set=APT17 - G0025" [label="mitre-pre-attack-intrusion-set\nAPT17 - G0025",shape=octagon,style=filled,color=indianred1];"mitre-pre-attack-intrusion-set=APT17 - G0025" -> "mitre-enterprise-attack-malware=BLACKCOFFEE - S0069" [label="uses",];"mitre-enterprise-attack-intrusion-set=Winnti Group - G0044" [label="mitre-enterprise-attack-intrusion-set\nWinnti Group - G0044",shape=octagon,style=filled,color=indianred1];"mitre-enterprise-attack-intrusion-set=Winnti Group - G0044" -> "mitre-enterprise-attack-attack-pattern=Process Discovery - T1057" [label="uses",];"mitre-enterprise-attack-intrusion-set=Axiom - G0001" [label="mitre-enterprise-attack-intrusion-set\nAxiom - G0001",shape=octagon,style=filled,color=indianred1];"mitre-enterprise-attack-intrusion-set=Axiom - G0001" -> "mitre-enterprise-attack-attack-pattern=Exploit Public-Facing Application - T1190" [label="uses",];"mitre-enterprise-attack-malware=BLACKCOFFEE - S0069" [label="mitre-enterprise-attack-malware\nBLACKCOFFEE - S0069",shape=box,style=filled,color=deepskyblue];"mitre-enterprise-attack-malware=BLACKCOFFEE - S0069" -> "mitre-enterprise-attack-attack-pattern=Command-Line Interface - T1059" [label="uses",];"threat-actor=Aurora Panda" [label="threat-actor\nAurora 
Panda",shape=octagon,style=filled,color=indianred1];"threat-actor=Axiom" [label="threat-actor\nAxiom",shape=octagon,style=filled,color=indianred1];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"ransomware=FileCoder" [label="ransomware\nFileCoder",shape=box,style=filled,color=deepskyblue];"ransomware=FileCoder" -> "ransomware=Patcher" [label="similar",dir="both"];"ransomware=FileCoder" -> "malpedia=Patcher" [label="similar",dir="both"];"ransomware=Patcher" [label="ransomware\nPatcher",shape=box,style=filled,color=deepskyblue];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-pre-attack-attack-pattern=Analyze organizational skillsets and deficiencies - PRE-T1066" [label="mitre-pre-attack-attack-pattern\nAnalyze organizational skillsets and deficiencies - PRE-T1066",shape=ellipse];"mitre-pre-attack-attack-pattern=Analyze organizational skillsets and deficiencies - PRE-T1066" -> "mitre-pre-attack-attack-pattern=Analyze organizational skillsets and deficiencies - PRE-T1074" [label="related-to",];"mitre-pre-attack-attack-pattern=Analyze organizational skillsets and deficiencies - PRE-T1066" -> "mitre-pre-attack-attack-pattern=Analyze organizational skillsets and deficiencies - PRE-T1077" [label="related-to",];"mitre-pre-attack-attack-pattern=Analyze organizational skillsets and deficiencies - PRE-T1077" [label="mitre-pre-attack-attack-pattern\nAnalyze organizational skillsets and deficiencies - PRE-T1077",shape=ellipse];"mitre-pre-attack-attack-pattern=Analyze organizational skillsets and deficiencies - PRE-T1077" -> "mitre-pre-attack-attack-pattern=Analyze organizational skillsets and deficiencies - PRE-T1074" [label="related-to",];"mitre-pre-attack-attack-pattern=Analyze organizational skillsets and deficiencies - PRE-T1074" [label="mitre-pre-attack-attack-pattern\nAnalyze organizational skillsets and deficiencies - PRE-T1074",shape=ellipse];"mitre-pre-attack-attack-pattern=Analyze organizational skillsets and deficiencies - PRE-T1074" -> "mitre-pre-attack-attack-pattern=Analyze organizational skillsets and deficiencies - PRE-T1066" [label="related-to",];"mitre-pre-attack-attack-pattern=Analyze organizational skillsets and deficiencies - PRE-T1074" -> "mitre-pre-attack-attack-pattern=Analyze organizational skillsets and deficiencies - PRE-T1077" [label="related-to",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-malware=SEASHARPEE - S0185" [label="mitre-enterprise-attack-malware\nSEASHARPEE - S0185",shape=box,style=filled,color=deepskyblue];"mitre-enterprise-attack-malware=SEASHARPEE - S0185" -> "mitre-enterprise-attack-attack-pattern=Remote File Copy - T1105" [label="uses",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-malware=POWRUNER - S0184" [label="mitre-enterprise-attack-malware\nPOWRUNER - S0184",shape=box,style=filled,color=deepskyblue];"mitre-enterprise-attack-malware=POWRUNER - S0184" -> "malpedia=POWRUNER" [label="similar",dir="both"];"mitre-enterprise-attack-malware=POWRUNER - S0184" -> "mitre-enterprise-attack-attack-pattern=Command-Line Interface - T1059" [label="uses",];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"banker=Zeus VM" [label="banker\nZeus VM",shape=box,style=filled,color=deepskyblue];"banker=Zeus VM" -> "malpedia=VM Zeus" [label="similar",dir="both"];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"tool=CHOPSTICK" [label="tool\nCHOPSTICK",shape=box,style=filled,color=deepskyblue];"tool=CHOPSTICK" -> "mitre-enterprise-attack-malware=CHOPSTICK - S0023" [label="similar",dir="both"];"tool=CHOPSTICK" -> "mitre-mobile-attack-malware=X-Agent - MOB-S0030" [label="similar",dir="both"];"tool=CHOPSTICK" -> "tool=X-Agent" [label="similar",dir="both"];"tool=CHOPSTICK" -> "malpedia=X-Agent (Android)" [label="similar",dir="both"];"mitre-enterprise-attack-malware=CHOPSTICK - S0023" [label="mitre-enterprise-attack-malware\nCHOPSTICK - S0023",shape=box,style=filled,color=deepskyblue];"mitre-enterprise-attack-malware=CHOPSTICK - S0023" -> "mitre-enterprise-attack-attack-pattern=Security Software Discovery - T1063" [label="uses",];"mitre-mobile-attack-malware=X-Agent - MOB-S0030" [label="mitre-mobile-attack-malware\nX-Agent - MOB-S0030",shape=box,style=filled,color=deepskyblue];"mitre-mobile-attack-malware=X-Agent - MOB-S0030" -> "mitre-mobile-attack-attack-pattern=Repackaged Application - MOB-T1047" [label="uses",];"mitre-mobile-attack-malware=X-Agent - MOB-S0030" -> "mitre-mobile-attack-attack-pattern=Location Tracking - MOB-T1033" [label="uses",];"tool=X-Agent" [label="tool\nX-Agent",shape=box,style=filled,color=deepskyblue];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"tool=Volgmer" [label="tool\nVolgmer",shape=box,style=filled,color=deepskyblue];"tool=Volgmer" -> "mitre-enterprise-attack-malware=Volgmer - S0180" [label="similar",dir="both"];"tool=Volgmer" -> "rat=FALLCHILL" [label="similar",dir="both"];"tool=Volgmer" -> "mitre-enterprise-attack-malware=FALLCHILL - S0181" [label="similar",dir="both"];"tool=Volgmer" -> "malpedia=Volgmer" [label="similar",dir="both"];"mitre-enterprise-attack-malware=FALLCHILL - S0181" [label="mitre-enterprise-attack-malware\nFALLCHILL - S0181",shape=box,style=filled,color=deepskyblue];"mitre-enterprise-attack-malware=FALLCHILL - S0181" -> "mitre-enterprise-attack-attack-pattern=System Network Configuration Discovery - T1016" [label="uses",];"mitre-enterprise-attack-malware=Volgmer - S0180" [label="mitre-enterprise-attack-malware\nVolgmer - S0180",shape=box,style=filled,color=deepskyblue];"mitre-enterprise-attack-malware=Volgmer - S0180" -> "mitre-enterprise-attack-attack-pattern=Standard Cryptographic Protocol - T1032" [label="uses",];"rat=FALLCHILL" [label="rat\nFALLCHILL",shape=box,style=filled,color=deepskyblue];}

Binary file not shown.


@ -0,0 +1,2 @@
digraph {
concentrate=true;overlap=scale;"mitre-enterprise-attack-tool=certutil - S0160" [label="mitre-enterprise-attack-tool\ncertutil - S0160",shape=box,style=filled,color=deepskyblue];"mitre-enterprise-attack-tool=certutil - S0160" -> "mitre-enterprise-attack-attack-pattern=Remote File Copy - T1105" [label="uses",];}

Binary file not shown.


Some files were not shown because too many files have changed in this diff Show More