{ "Event": { "analysis": "1", "date": "2024-07-01", "extends_uuid": "", "info": "[Threat Intel] Impact of FrostyGoop ICS Malware on Connected OT Systems", "protected": false, "publish_timestamp": "1772407376", "published": true, "threat_level_id": "1", "timestamp": "1772407374", "uuid": "f6417d79-8def-4233-9f17-83f9aae4edd2", "Orgc": { "name": "Rectifyq", "uuid": "cd9bd516-61fa-476b-980f-2f8de03992d4" }, "Tag": [ { "colour": "#ffffff", "local": false, "name": "tlp:clear", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:producer=\"Dragos\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"FrostyGoop\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:target-information=\"Ukraine\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:sector=\"Energy\"", "relationship_type": "" }, { "colour": "#49a260", "local": false, "name": "rectifyq:category=\"threat\"", "relationship_type": "" }, { "colour": "#110041", "local": false, "name": "rectifyq:sub-category=\"malware-analysis\"", "relationship_type": "" }, { "colour": "#190061", "local": false, "name": "rectifyq:topic=\"ics-ot\"", "relationship_type": "" }, { "colour": "#d92121", "local": false, "name": "rectifyq:target=\"targeted\"", "relationship_type": "" }, { "colour": "#31373d", "local": false, "name": "rectifyq:MY-relevancy=\"not-relevant\"", "relationship_type": "" }, { "colour": "#f63636", "local": false, "name": "ICS-specific", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"Tria.ge\"", "relationship_type": "" }, { "colour": "#3800d9", "local": false, "name": "rectifyq:action-taken=\"VT-comment\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:sector=\"Industrial\"", "relationship_type": "" }, { "colour": "#b94b1d", "local": false, "name": "rectifyq:mitre-att&ck=\"none-from-src\"", "relationship_type": "" } ], "Attribute": [ { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1772360575", "to_ids": false, "type": "link", "uuid": "013137d5-e0fe-41bd-abdf-65cae194a759", "value": "https://hub.dragos.com/report/frostygoop-ics-malware-impacting-operational-technology" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1772360575", "to_ids": false, "type": "link", "uuid": "eded35e0-0068-460e-ac1b-db4d7c06e994", "value": "https://hub.dragos.com/hubfs/Reports/Dragos-FrostyGoop-ICS-Malware-Intel-Brief-0724_r2.pdf?hsLang=en" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1772363732", "to_ids": false, "type": "link", "uuid": "0cb896b5-e1e4-4c62-a7b1-67df6b50f895", "value": "https://www.sans.org/blog/whats-the-scoop-on-frostygoop-the-latest-ics-malware-and-ics-controls-considerations" } ] } }