Commit

chg: [malpedia] duplicate refs removed
adulau committed Sep 26, 2023
1 parent 479f0ad commit b79b75d
Showing 1 changed file with 1 addition and 11 deletions.
12 changes: 1 addition & 11 deletions clusters/malpedia.json
Expand Up @@ -7048,7 +7048,6 @@
"https://www.intezer.com/wp-content/uploads/2021/09/TeamTNT-Cryptomining-Explosion.pdf",
"https://blog.aquasec.com/teamtnt-campaign-against-docker-kubernetes-environment",
"https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/docs/vmw-exposing-malware-in-linux-based-multi-cloud-environments.pdf",
"https://malpedia.caad.fkie.fraunhofer.de/details/elf.teamtnt",
"https://www.cadosecurity.com/teamtnt-script-employed-to-grab-aws-credentials/",
"https://cybersecurity.att.com/blogs/labs-research/teamtnt-with-new-campaign-aka-chimaera",
"https://www.cadosecurity.com/post/team-tnt-the-first-crypto-mining-worm-to-steal-aws-credentials",
Expand Down Expand Up @@ -11695,7 +11694,6 @@
"description": "",
"meta": {
"refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/py.pyaesloader",
"https://malpedia.caad.fkie.fraunhofer.de/details/py.pyaesloader"
],
"synonyms": [],
Expand Down Expand Up @@ -11847,7 +11845,6 @@
"description": "",
"meta": {
"refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/py.unidentified_002",
"https://malpedia.caad.fkie.fraunhofer.de/details/py.unidentified_002"
],
"synonyms": [],
Expand All @@ -11860,7 +11857,6 @@
"description": "",
"meta": {
"refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/py.unidentified_003",
"https://malpedia.caad.fkie.fraunhofer.de/details/py.unidentified_003"
],
"synonyms": [],
Expand Down Expand Up @@ -22169,7 +22165,6 @@
"https://malcat.fr/blog/exploit-steganography-and-delphi-unpacking-dbatloader/",
"https://www.netskope.com/blog/dbatloader-abusing-discord-to-deliver-warzone-rat",
"https://gi7w0rm.medium.com/uncovering-ddgroup-a-long-time-threat-actor-d3b3020625a4",
"https://malpedia.caad.fkie.fraunhofer.de/details/win.dbatloader",
"https://www.zscaler.com/blogs/security-research/dbatloader-actively-distributing-malwares-targeting-european-businesses",
"https://securityintelligence.com/posts/email-campaigns-leverage-updated-dbatloader-deliver-rats-stealers/",
"https://blog.vincss.net/2020/09/re016-malware-analysis-modiloader-eng.html",
Expand Down Expand Up @@ -25523,7 +25518,6 @@
"description": "FastLoader is a small .NET downloader, which name comes from PDB strings seen in samples. It typically downloads TrickBot. It may create a list of processes and uploads it together with screenshot(s). In more recent versions, it employs simple anti-analysis checks (VM detection) and comes with string obfuscations. \r\n",
"meta": {
"refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/win.fastloader",
"https://malpedia.caad.fkie.fraunhofer.de/details/win.fastloader"
],
"synonyms": [],
Expand Down Expand Up @@ -28033,8 +28027,7 @@
"https://cert.gov.ua/article/38374",
"https://www.intezer.com/blog/research/elephant-malware-targeting-ukrainian-orgs/",
"https://businessinsights.bitdefender.com/deep-dive-into-the-elephant-framework-a-new-cyber-threat-in-ukraine",
"https://cip.gov.ua/en/news/khto-stoyit-za-kiberatakami-na-ukrayinsku-kritichnu-informaciinu-infrastrukturu-statistika-15-22-bereznya",
"https://malpedia.caad.fkie.fraunhofer.de/details/win.graphsteel"
"https://cip.gov.ua/en/news/khto-stoyit-za-kiberatakami-na-ukrayinsku-kritichnu-informaciinu-infrastrukturu-statistika-15-22-bereznya"
],
"synonyms": [],
"type": []
Expand Down Expand Up @@ -30075,7 +30068,6 @@
"description": "",
"meta": {
"refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/win.icyheart",
"https://malpedia.caad.fkie.fraunhofer.de/details/win.icyheart"
],
"synonyms": [
Expand Down Expand Up @@ -31774,7 +31766,6 @@
"description": "KleptoParasite Stealer is advertised on Hackforums as a noob-friendly stealer. It is modular and comes with a IP retriever module, a Outlook stealer (32bit/64bit) and a Chrome/Firefox stealer (32bit/64bit). Earlier versions come bundled (loader plus modules), newer versions come with a loader (167k) that grabs the modules.\r\n\r\nPDB-strings suggest a relationship to JogLog v6 and v7.",
"meta": {
"refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/win.kleptoparasite_stealer",
"https://malpedia.caad.fkie.fraunhofer.de/details/win.kleptoparasite_stealer"
],
"synonyms": [
Expand Down Expand Up @@ -45960,7 +45951,6 @@
"https://cdn-cybersecurity.att.com/docs/global-perspective-of-the-sidewinder-apt.pdf",
"https://www.trendmicro.com/en_us/research/20/l/sidewinder-leverages-south-asian-territorial-issues-for-spear-ph.html",
"https://otx.alienvault.com/pulse/5fd10760f9afb730d37c4742/",
"https://malpedia.caad.fkie.fraunhofer.de/details/win.sidewinder",
"https://s.tencent.com/research/report/479.html",
"https://s.tencent.com/research/report/659.html",
"https://medium.com/@Sebdraven/apt-sidewinder-tricks-powershell-anti-forensics-and-execution-side-loading-5bc1a7e7c84c",