; https://www.misp-project.org/galaxy.html
;
; Lookup table from a family/detection name (the key) to the MISP galaxy
; cluster tag (the value) to attach when that name is seen.
; Every value has the form  misp-galaxy:<galaxy-type>="<cluster value>".
;
; NOTE(review): the double quotes look like part of the tag string itself;
; confirm the consuming parser keeps them literally rather than stripping them.
; NOTE(review): a tag presumably only links to a galaxy cluster when the
; galaxy type and cluster value match the published galaxy exactly (spelling,
; case, spaces) - verify each new value against the galaxy before adding it.
; NOTE(review): some keys contain a space or a slash ("Hive Ransomware",
; "Qakbot/EmailCollectorPlugin") and key case varies ("lethic"); confirm the
; parser in use accepts these and how it treats key case.
;
; Lines starting with '#' are mappings that are currently disabled. Except for
; the XMRig line, the reason is not recorded in this file.
; Several keys intentionally or accidentally share one cluster (Amadey*,
; Sality*, Nokki*, njRAT/njRATLime, Qakbot/Qakbot plugin).
[Galaxy]
njRAT = misp-galaxy:malpedia="NjRAT"
Qakbot = misp-galaxy:banker="Qakbot"
Tinba = misp-galaxy:banker="Tinba"
Nymaim = misp-galaxy:malpedia="Nymaim"
Pony = misp-galaxy:malpedia="Pony"
Sakula = misp-galaxy:rat="Sakula"
; NOTE(review): this value points at the android galaxy; confirm the source
; name refers to the Android family and not the Windows stealer of the same
; name, otherwise events get the wrong platform tag.
LokiBot = misp-galaxy:android="LokiBot"
DarkComet = misp-galaxy:malpedia="DarkComet"
GandCrab = misp-galaxy:malpedia="Gandcrab"
Geodo = misp-galaxy:banker="Geodo"
PoisonIvy = misp-galaxy:malpedia="Poison Ivy"
Kovter = misp-galaxy:malpedia="Kovter"
CoreBot = misp-galaxy:banker="Corebot"
Emotet = misp-galaxy:malpedia="Emotet"
X-Agent = misp-galaxy:tool="X-Agent"
; NOTE(review): Gozi, ISFB and Ursnif (below) are closely related names but
; are mapped to three different galaxies (banker, malpedia, mitre-malware);
; confirm that is intended, since it splits correlation across tags.
Gozi = misp-galaxy:banker="Gozi"
ISFB = misp-galaxy:malpedia="ISFB"
Andromeda = misp-galaxy:malpedia="Andromeda"
Kronos = misp-galaxy:malpedia="Kronos"
AgentTesla = misp-galaxy:tool="Agent Tesla"
#Azorult = misp-galaxy:malpedia="Azorult"
Rifdoor = misp-galaxy:malpedia="Rifdoor"
Ursnif = misp-galaxy:mitre-malware="Ursnif - S0386"
FormBook = misp-galaxy:malpedia="Formbook"
XtremeRAT = misp-galaxy:rat="XtremeRAT"
Excalibur = misp-galaxy:malpedia="Excalibur"
Sekur = misp-galaxy:tool="Sekur"
Netwire = misp-galaxy:rat="Netwire"
; Dridex is tagged from the tool galaxy here, while DoppelDridex further down
; uses malpedia="Dridex" - two different tags for related detections.
Dridex = misp-galaxy:tool="Dridex"
URLZone = misp-galaxy:malpedia="UrlZone"
SolarBot = misp-galaxy:malpedia="Solarbot"
Gh0stRAT = misp-galaxy:tool="Gh0st Rat"
Taleret = misp-galaxy:malpedia="Taleret"
; All Amadey component names collapse onto the single Amadey cluster.
AmadeyLoader = misp-galaxy:malpedia="Amadey"
AmadeyClipper = misp-galaxy:malpedia="Amadey"
AmadeyStealer = misp-galaxy:malpedia="Amadey"
AmadeyScreencap = misp-galaxy:malpedia="Amadey"
NetWalker = misp-galaxy:malpedia="Mailto"
LockBitRansomware = misp-galaxy:malpedia="LockBit"
Danabot = misp-galaxy:banker="DanaBot"
Hive Ransomware = misp-galaxy:malpedia="hive"
Qakbot/EmailCollectorPlugin = misp-galaxy:banker="Qakbot"
DoppelDridex = misp-galaxy:malpedia="Dridex"
Makop = misp-galaxy:malpedia="Makop Ransomware"
Stealbit = misp-galaxy:malpedia="StealBit"
; Mimikatz, CobaltStrike, Metasploit and CoreImpact also appear in authorised
; testing; the tag identifies the tool, not the intent behind its use.
Mimikatz = misp-galaxy:malpedia="MimiKatz"
RainyDay = misp-galaxy:mitre-malware="RainyDay - S0629"
Sodinokibi = misp-galaxy:malpedia="REvil (Windows)"
CobaltStrike = misp-galaxy:malpedia="Cobalt Strike"
#Mofksys = misp-galaxy:malpedia="Mofksys"
XORDDoS = misp-galaxy:botnet="XorDDoS"
Tofsee = misp-galaxy:malpedia="Tofsee"
; All Sality version names collapse onto the single Sality botnet cluster.
Sality = misp-galaxy:botnet="Sality"
Salityv2 = misp-galaxy:botnet="Sality"
Salityv3 = misp-galaxy:botnet="Sality"
Salityv4 = misp-galaxy:botnet="Sality"
; NOTE(review): "hacked in" is not explained anywhere in this file; presumably
; the entries from here on were added by hand - confirm and record the source.
;hacked in
#PdfCaptchaLure21 = misp-galaxy:malpedia="PdfCaptchaLure21"
#IIS7VbDropper = misp-galaxy:malpedia="IIS7VbDropper"
Nitol = misp-galaxy:malpedia="Nitol"
Metasploit = misp-galaxy:tool="metasploit"
StealthWorker = misp-galaxy:malpedia="StealthWorker Go"
VidarStealer = misp-galaxy:stealer="Vidar"
XLoader = misp-galaxy:malpedia="XLoader"
#FakeDead = misp-galaxy:malpedia="FakeDead"
MazeRansomware = misp-galaxy:malpedia="Maze"
Warzone = misp-galaxy:rat="Warzone"
SpyMax = misp-galaxy:malpedia="SpyMax"
; NOTE(review): the value is spelled "AhNyth" while the key is "AhMyth". The
; value has to equal the cluster name in the rat galaxy, so check the galaxy
; before "correcting" either spelling.
AhMyth = misp-galaxy:rat="AhNyth Android"
Quasar = misp-galaxy:rat="Quasar RAT"
SmokeLoader = misp-galaxy:malpedia="SmokeLoader"
AsyncRAT = misp-galaxy:rat="AsyncRAT"
#WideGate = misp-galaxy:malpedia="WideGate"
; Disabled: the original author notes the tag did not auto-map. If this line is
; ever re-enabled, move the trailing note to its own line first, since many INI
; parsers would read it as part of the value.
#XMRig = misp-galaxy:exploit-kit="XMRig" # Not auto-mapping?
Aenjaris = misp-galaxy:malpedia="Aenjaris"
#SnakeKeylogger = misp-galaxy:malpedia="SnakeKeylogger"
#GetAndGoLoader = misp-galaxy:malpedia="GetAndGoLoader"
BabyShark = misp-galaxy:tool="BabyShark"
Vflooder = misp-galaxy:malpedia="Vflooder"
ClopRansomware = misp-galaxy:ransomware="Clop"
CoreImpact = misp-galaxy:malpedia="Ghole"
STOP = misp-galaxy:malpedia="STOP"
#YahooStealer = misp-galaxy:malpedia="YahooStealer"
Magecart = misp-galaxy:malpedia="magecart"
WanaRansomware = misp-galaxy:mitre-malware="WannaCry - S0366"
#Enosch = misp-galaxy:malpedia="Enosch"
#NetInfoNabster = misp-galaxy:stealer="NetInfoNabster"
BlackEnergy = misp-galaxy:malpedia="BlackEnergy"
NanoCore = misp-galaxy:rat="NanoCore"
Rekram = misp-galaxy:tool="Rekaf"
Gootkit = misp-galaxy:malpedia="Gootkit"
FefbfaShellcode = misp-galaxy:malpedia="FefbfaShellcode"
Badnews = misp-galaxy:tool="Badnews"
lethic = misp-galaxy:malpedia="Lethic"
GlobeImposter = misp-galaxy:malpedia="GlobeImposter"
Phorpiex = misp-galaxy:malpedia="Phorpiex"
#MyloPacker = misp-galaxy:malpedia="MyloPacker"
TrickBot = misp-galaxy:malpedia="TrickBot"
PandaZeus = misp-galaxy:mitre-malware="Zeus Panda - S0330"
Remcos = misp-galaxy:malpedia="Remcos"
#RaccoonStealer = misp-galaxy:stealer="Raccoon"
#TinyPoS = misp-galaxy:malpedia="TinyPoS"
TinyLoader = misp-galaxy:malpedia="TinyLoader"
#Kiron = misp-galaxy:malpedia="Kiron"
DiamondFox = misp-galaxy:malpedia="DiamondFox"
#CulebraVariant = misp-galaxy:malpedia="CulebraVariant"
Zloader = misp-galaxy:malpedia="Zloader"
njRATLime = misp-galaxy:malpedia="NjRAT"
#BokBot = misp-galaxy:botnet="BokBot"
OldExportControlDropper = misp-galaxy:malpedia="OldExportControlDropper"
ParastooRAT = misp-galaxy:rat="ParastooRAT"
#Retefe = misp-galaxy:malpedia="Retefe"
Avaddon = misp-galaxy:malpedia="Avaddon"
Pingdrop = misp-galaxy:malpedia="Pingdrop"
ContiRansomware = misp-galaxy:ransomware="Conti"
PlayRansomware = misp-galaxy:ransomware="PLAY Ransomware"
LockyRansomware = misp-galaxy:malpedia="Locky"
GhostRansomware = misp-galaxy:ransomware="Buran"
; The three Nokki component names collapse onto the single Nokki cluster.
NokkiHTTP = misp-galaxy:malpedia="Nokki"
NokkiFTP = misp-galaxy:malpedia="Nokki"
NokkiDropper = misp-galaxy:malpedia="Nokki"
KONNIFTP = misp-galaxy:malpedia="Konni"
CybergateRAT = misp-galaxy:rat="CyberGate"
QRStealer = misp-galaxy:rat="Qarallax"
GuLoader = misp-galaxy:malpedia="CloudEyE"
ASPXSpyWebshell = misp-galaxy:malpedia="ASPXSpy"
AriaBody = misp-galaxy:malpedia="Aria-body"
Phoenix_InfoStealer = misp-galaxy:malpedia="Phoenix Keylogger"
RedLineStealer = misp-galaxy:malpedia="RedLine Stealer"