BazarCall malware

GPTKB entity

Statements (50)
| Predicate | Object |
| --- | --- |
| gptkbp:instanceOf | malware |
| gptkbp:abilities | remote command execution, lateral movement, evade detection, download additional payloads, establish persistence |
| gptkbp:alsoKnownAs | gptkb:BazarCall, BazaCall, BazaCall malware |
| gptkbp:associatedWith | gptkb:Cobalt_Strike, gptkb:Conti_ransomware, gptkb:Ryuk_ransomware, gptkb:TrickBot |
| gptkbp:deliveredBy | phishing, social engineering, call-back phishing |
| gptkbp:developedBy | unknown |
| gptkbp:exploits | social engineering, user trust |
| gptkbp:firstObserved | 2020 |
| https://www.w3.org/2000/01/rdf-schema#label | BazarCall malware |
| gptkbp:notableFor | 2021, 2022 |
| gptkbp:notableVictim | gptkb:government, gptkb:government_agency, healthcare organizations, education sector, corporate networks |
| gptkbp:relatedTo | gptkb:TrickBot_group, gptkb:BazarLoader, BazaLoader |
| gptkbp:remedy | email filtering, incident response, network monitoring, endpoint protection, user awareness training |
| gptkbp:status | active |
| gptkbp:target | Windows systems |
| gptkbp:technology | human-operated attacks, call-back phishing, fake customer support numbers, malicious document attachments |
| gptkbp:usedBy | cybercriminals |
| gptkbp:usedFor | remote access, initial access, ransomware deployment |
| gptkbp:usesMalware | loader, backdoor |
| gptkbp:bfsParent | gptkb:BazarCall |
| gptkbp:bfsLayer | 7 |