Comments (2)
Update on this
Created a new MISP install and below are all the threats found in /var/lib/docker/overlay2/{folder_names}/diff/{folder_names}:
Id: "f703ca65-0433-40a9-95d0-2e0f65bfef14"
Name: Backdoor:PHP/Remoteshell.B
Type: "backdoor"
Status: "infected"
Id: "6802e112-f8c1-4c65-a7cc-1e00db8d46fc"
Name: Backdoor:PHP/Remoteshell.B
Type: "backdoor"
Status: "infected"
Id: "29988540-6155-4b00-b253-9cc4fa8a1582"
Name: TrojanDownloader:JS/Nemucod!rfn
Type: "trojan_downloader"
Status: "disinfected"
Id: "f518a473-c660-4f8e-8c70-16cd993f3619"
Name: TrojanDownloader:JS/Nemucod!rfn
Type: "trojan_downloader"
Status: "disinfected"
Id: "7b6b3171-a015-4b1d-980c-437b18825cb7"
Name: TrojanDownloader:JS/Nemucod!rfn
Type: "trojan_downloader"
Status: "infected"
Id: "11b6a4ae-eb70-45d9-a54e-59b1dc811405"
Name: TrojanDownloader:X97M/Adnel
Type: "trojan_downloader"
Status: "infected"
Id: "f159ee8a-bbbc-4cae-b6ee-c79baf5b9ea1"
Name: TrojanDownloader:O97M/Donoff!MSR
Type: "trojan_downloader"
Status: "infected"
Id: "eabb5a92-469a-4688-bc5a-81abd2f97857"
Name: Backdoor:PHP/Remoteshell.B
Type: "backdoor"
Status: "infected"
Id: "1d113160-2846-4320-9c36-72cf9df46d60"
Name: Backdoor:PHP/Remoteshell.B
Type: "backdoor"
Status: "infected"
Does anyone know if their folders for MISP mentioned above are also showing up with these threats?
Many thanks
from x_old_misp_docker.
And to be even more specific, these are all the files and locations of these files which were flagged by Defender as malicious or suspicious and were quarantined:
/var/lib/docker/overlay2/puntpvg2kyxcjkyp0v5ua4akw/diff/root/MISP.tgz
/var/lib/docker/overlay2/w4k5ekcuu60arvbjj9mptm7u7/diff/var/www/MISP/PyMISP/tests/viper-test-files/test_files/9afa90370cfd217ae1ec36e752a393537878a2f3b5f9159f61690e7790904b0d
/var/lib/docker/overlay2/w4k5ekcuu60arvbjj9mptm7u7/diff/var/www/MISP/PyMISP/tests/viper-test-files/test_files/9afa90370cfd217ae1ec36e752a393537878a2f3b5f9159f61690e7790904b0d
/var/lib/docker/overlay2/w4k5ekcuu60arvbjj9mptm7u7/diff/var/www/.cache/pip/wheels/b2/b6/fd/89b702cb285c586b0b3090d1ae26d2230c25c0d33ffa635a66/misp_stix-2.4.172-py3-none-any.whl
/var/lib/docker/overlay2/w4k5ekcuu60arvbjj9mptm7u7/diff/var/www/MISP/app/files/scripts/misp-stix/misp_stix_converter/data/cti/enterprise-attack/relationship/relationship--2610bdef-0b08-46a8-94f5-cf253f11e5fc.json
/var/lib/docker/overlay2/w4k5ekcuu60arvbjj9mptm7u7/diff/var/www/MISP/venv/lib/python3.8/site-packages/misp_stix_converter/data/cti/enterprise-attack/relationship/relationship--2610bdef-0b08-46a8-94f5-cf253f11e5fc.json