Statements (50)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf | gptkb:malware |
| gptkbp:abilities | remote command execution, lateral movement, evade detection, download additional payloads, establish persistence |
| gptkbp:alsoKnownAs | gptkb:BazarCall, BazaCall, BazaCall malware |
| gptkbp:associatedWith | gptkb:Cobalt_Strike, gptkb:Conti_ransomware, gptkb:Ryuk_ransomware, gptkb:TrickBot |
| gptkbp:deliveredBy | phishing, social engineering, call-back phishing |
| gptkbp:developedBy | gptkb:unknown |
| gptkbp:exploits | social engineering, user trust |
| gptkbp:firstObserved | 2020 |
| gptkbp:notableFor | 2021, 2022 |
| gptkbp:notableVictim | gptkb:government, gptkb:government_agency, healthcare organizations, education sector, corporate networks |
| gptkbp:relatedTo | gptkb:TrickBot_group, gptkb:BazarLoader, BazaLoader |
| gptkbp:remedy | email filtering, incident response, network monitoring, endpoint protection, user awareness training |
| gptkbp:status | active |
| gptkbp:target | Windows systems |
| gptkbp:technology | human-operated attacks, call-back phishing, fake customer support numbers, malicious document attachments |
| gptkbp:usedBy | cybercriminals |
| gptkbp:usedFor | remote access, initial access, ransomware deployment |
| gptkbp:usesMalware | loader, backdoor |
| gptkbp:bfsParent | gptkb:BazarCall |
| gptkbp:bfsLayer | 8 |
| https://www.w3.org/2000/01/rdf-schema#label | BazarCall malware |