config.json
{
"keywords": ["analysis",
"intelligence",
"threat",
"fraud",
"botnet",
"banker",
"trojans",
"apt",
"dyre",
"bugat",
"dridex",
"carberp",
"cybercrime",
"zeus",
"e-banking",
"bank",
"crimeware",
"malicious",
"rapport",
"raport",
"zbot",
"zitmo",
"spitmo",
"spyware",
"banload",
"banloader",
"keylogger",
"dropper",
"banking trojan",
"backdoor",
"boleto",
"carbanak",
"credit cards",
"emotet",
"internet banking",
"mitm",
"passwords",
"upatre",
"pony",
"sinowal",
"torpig",
"sinkhole",
"spyeye",
"gozi",
"ursnif",
"phishing",
"infostealers",
"bitcoin",
"wallet",
"cryptocurrency",
"transaction",
"mitm",
"man in the middle",
"man in the browser",
"mitb",
"credential stuffing",
"grabber",
"browser",
"financial fraud",
"cookie hijack",
"session hijack",
"caiman",
"rilide",
"ursa",
"mispadu"],
"analyst_questions": [
"What kind of malware is it?",
"What kind of attack does it involve?",
"Does the malware use web injects?",
"Is there credential theft from the browser?",
"Does the malware install a malicious Chrome extension?",
"Does it steal credit card or bank information?",
"Is it related to a wallet stealer?",
"What kind of information does the malware steal?",
"Where does it forward the stolen information?",
"What are the targets and where are they located (regions, bank names, wallets)?"
]
}