├── 2022-06-23_rcs_lab ├── domains.txt ├── package_names.txt ├── rcs.stix2 └── sha256.txt ├── 2023-04-11_quadream ├── README.md ├── domains.txt ├── file_paths.txt ├── generate_stix.py ├── kingspawn.stix2 └── processes.txt ├── 2023-06_01_operation_triangulation ├── domains.txt ├── emails.txt ├── generate_stix.py ├── operation_triangulation.stix2 └── processes.txt ├── 2023-07-25_wyrmspy_dragonegg ├── domains.txt ├── generate_stix.py ├── ip-addresses.txt ├── package_names.txt ├── sha256.txt └── wyrmspy_dragonegg.stix2 ├── LICENSE ├── README.md ├── candiru ├── candiru.stix2 ├── domains.txt └── generate_stix.py ├── indicators.yaml └── intellexa_predator ├── README.md ├── config_profiles.txt ├── domains.txt ├── file_paths.txt ├── generate_stix.py └── predator.stix2 /2022-06-23_rcs_lab/domains.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/2022-06-23_rcs_lab/domains.txt -------------------------------------------------------------------------------- /2022-06-23_rcs_lab/package_names.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/2022-06-23_rcs_lab/package_names.txt -------------------------------------------------------------------------------- /2022-06-23_rcs_lab/rcs.stix2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/2022-06-23_rcs_lab/rcs.stix2 -------------------------------------------------------------------------------- /2022-06-23_rcs_lab/sha256.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/2022-06-23_rcs_lab/sha256.txt -------------------------------------------------------------------------------- /2023-04-11_quadream/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/2023-04-11_quadream/README.md -------------------------------------------------------------------------------- /2023-04-11_quadream/domains.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/2023-04-11_quadream/domains.txt -------------------------------------------------------------------------------- /2023-04-11_quadream/file_paths.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/2023-04-11_quadream/file_paths.txt -------------------------------------------------------------------------------- /2023-04-11_quadream/generate_stix.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/2023-04-11_quadream/generate_stix.py -------------------------------------------------------------------------------- /2023-04-11_quadream/kingspawn.stix2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/2023-04-11_quadream/kingspawn.stix2 -------------------------------------------------------------------------------- /2023-04-11_quadream/processes.txt: -------------------------------------------------------------------------------- 1 | com.apple.avcapture 2 | -------------------------------------------------------------------------------- /2023-06_01_operation_triangulation/domains.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/2023-06_01_operation_triangulation/domains.txt -------------------------------------------------------------------------------- /2023-06_01_operation_triangulation/emails.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/2023-06_01_operation_triangulation/emails.txt -------------------------------------------------------------------------------- /2023-06_01_operation_triangulation/generate_stix.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/2023-06_01_operation_triangulation/generate_stix.py -------------------------------------------------------------------------------- /2023-06_01_operation_triangulation/operation_triangulation.stix2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/2023-06_01_operation_triangulation/operation_triangulation.stix2 -------------------------------------------------------------------------------- /2023-06_01_operation_triangulation/processes.txt: -------------------------------------------------------------------------------- 1 | BackupAgent -------------------------------------------------------------------------------- /2023-07-25_wyrmspy_dragonegg/domains.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/2023-07-25_wyrmspy_dragonegg/domains.txt -------------------------------------------------------------------------------- /2023-07-25_wyrmspy_dragonegg/generate_stix.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/2023-07-25_wyrmspy_dragonegg/generate_stix.py -------------------------------------------------------------------------------- /2023-07-25_wyrmspy_dragonegg/ip-addresses.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/2023-07-25_wyrmspy_dragonegg/ip-addresses.txt -------------------------------------------------------------------------------- /2023-07-25_wyrmspy_dragonegg/package_names.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/2023-07-25_wyrmspy_dragonegg/package_names.txt -------------------------------------------------------------------------------- /2023-07-25_wyrmspy_dragonegg/sha256.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/2023-07-25_wyrmspy_dragonegg/sha256.txt -------------------------------------------------------------------------------- /2023-07-25_wyrmspy_dragonegg/wyrmspy_dragonegg.stix2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/2023-07-25_wyrmspy_dragonegg/wyrmspy_dragonegg.stix2 -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/README.md -------------------------------------------------------------------------------- /candiru/candiru.stix2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/candiru/candiru.stix2 -------------------------------------------------------------------------------- /candiru/domains.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/candiru/domains.txt -------------------------------------------------------------------------------- /candiru/generate_stix.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/candiru/generate_stix.py -------------------------------------------------------------------------------- /indicators.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/indicators.yaml -------------------------------------------------------------------------------- /intellexa_predator/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/intellexa_predator/README.md -------------------------------------------------------------------------------- /intellexa_predator/config_profiles.txt: -------------------------------------------------------------------------------- 1 | 76DAB334-7E17-475D-A5D6-0794EB5818A5 2 | -------------------------------------------------------------------------------- /intellexa_predator/domains.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/intellexa_predator/domains.txt -------------------------------------------------------------------------------- /intellexa_predator/file_paths.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/intellexa_predator/file_paths.txt -------------------------------------------------------------------------------- /intellexa_predator/generate_stix.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/intellexa_predator/generate_stix.py -------------------------------------------------------------------------------- /intellexa_predator/predator.stix2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mvt-project/mvt-indicators/HEAD/intellexa_predator/predator.stix2 --------------------------------------------------------------------------------