test_scratch / cti-ATT-CK-v13.1 /enterprise-attack /intrusion-set /intrusion-set--16ade1aa-0ea1-4bb7-88cc-9079df2ae756.json
khoicrtp's picture
Upload 2298 files
5fe70fd
raw
history blame
2.28 kB
{
"type": "bundle",
"id": "bundle--48d4071d-6dd9-448f-9b8b-9b86c7a5dfe8",
"spec_version": "2.0",
"objects": [
{
"aliases": [
"admin@338"
],
"x_mitre_domains": [
"enterprise-attack"
],
"x_mitre_contributors": [
"Tatsuya Daitoku, Cyber Defense Institute, Inc."
],
"object_marking_refs": [
"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
],
"id": "intrusion-set--16ade1aa-0ea1-4bb7-88cc-9079df2ae756",
"type": "intrusion-set",
"created": "2017-05-31T21:31:53.579Z",
"created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
"external_references": [
{
"source_name": "mitre-attack",
"url": "https://attack.mitre.org/groups/G0018",
"external_id": "G0018"
},
{
"source_name": "admin@338",
"description": "(Citation: FireEye admin@338)"
},
{
"source_name": "FireEye admin@338",
"description": "FireEye Threat Intelligence. (2015, December 1). China-based Cyber Threat Group Uses Dropbox for Malware Communications and Targets Hong Kong Media Outlets. Retrieved December 4, 2015.",
"url": "https://www.fireeye.com/blog/threat-research/2015/11/china-based-threat.html"
}
],
"modified": "2020-03-18T19:54:59.120Z",
"name": "admin@338",
"description": "[admin@338](https://attack.mitre.org/groups/G0018) is a China-based cyber threat group. It has previously used newsworthy events as lures to deliver malware and has primarily targeted organizations involved in financial, economic, and trade policy, typically using publicly available RATs such as [PoisonIvy](https://attack.mitre.org/software/S0012), as well as some non-public backdoors. (Citation: FireEye admin@338)",
"x_mitre_version": "1.2",
"x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5"
}
]
}