test_scratch
/
cti-ATT-CK-v13.1
/enterprise-attack
/intrusion-set
/intrusion-set--44102191-3a31-45f8-acbe-34bdb441d5ad.json
| { | |
| "type": "bundle", | |
| "id": "bundle--f2cd46f1-c0fa-4427-a17f-6ab7b989d077", | |
| "spec_version": "2.0", | |
| "objects": [ | |
| { | |
| "aliases": [ | |
| "Rocke" | |
| ], | |
| "x_mitre_domains": [ | |
| "enterprise-attack" | |
| ], | |
| "object_marking_refs": [ | |
| "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168" | |
| ], | |
| "id": "intrusion-set--44102191-3a31-45f8-acbe-34bdb441d5ad", | |
| "type": "intrusion-set", | |
| "created": "2020-05-26T14:20:20.623Z", | |
| "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5", | |
| "external_references": [ | |
| { | |
| "external_id": "G0106", | |
| "source_name": "mitre-attack", | |
| "url": "https://attack.mitre.org/groups/G0106" | |
| }, | |
| { | |
| "source_name": "Talos Rocke August 2018", | |
| "url": "https://blog.talosintelligence.com/2018/08/rocke-champion-of-monero-miners.html", | |
| "description": "Liebenberg, D.. (2018, August 30). Rocke: The Champion of Monero Miners. Retrieved May 26, 2020." | |
| } | |
| ], | |
| "modified": "2020-06-19T20:41:21.215Z", | |
| "name": "Rocke", | |
| "description": "[Rocke](https://attack.mitre.org/groups/G0106) is an alleged Chinese-speaking adversary whose primary objective appeared to be cryptojacking, or stealing victim system resources for the purposes of mining cryptocurrency. The name [Rocke](https://attack.mitre.org/groups/G0106) comes from the email address \"rocke@live.cn\" used to create the wallet which held collected cryptocurrency. Researchers have detected overlaps between [Rocke](https://attack.mitre.org/groups/G0106) and the Iron Cybercrime Group, though this attribution has not been confirmed.(Citation: Talos Rocke August 2018)", | |
| "x_mitre_version": "1.0", | |
| "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5" | |
| } | |
| ] | |
| } |