Carbanak malware

GPTKB entity

Statements (51)
Predicate Object
gptkbp:instanceOf malware
gptkbp:abilities file transfer, remote access, command execution, screen capture, lateral movement, keylogging, ATM cashout
gptkbp:alsoKnownAs gptkb:Anunak
gptkbp:arrested gptkb:Spain, gptkb:Spanish_National_Police, 2018
gptkbp:category cyberattack tool, financial malware
gptkbp:discoveredBy 2014
gptkbp:estimatedLoss over $1 billion
gptkbp:exfiltrates gptkb:financial_services_company, internal documents, bank credentials, customer data
gptkbp:exploits Windows vulnerabilities, privilege escalation, lateral movement techniques
https://www.w3.org/2000/01/rdf-schema#label Carbanak malware
gptkbp:notableEvent 2013-2015 global bank heists
gptkbp:operatingSystem gptkb:Microsoft_Windows
gptkbp:programmingLanguage gptkb:C++
gptkbp:relatedTo gptkb:Cobalt_Group, gptkb:FIN7
gptkbp:target gptkb:ATMs, banks, financial institutions
gptkbp:type malware
gptkbp:usedBy gptkb:Carbanak_group
gptkbp:usedFor gptkb:crime, cybercrime, espionage
gptkbp:uses gptkb:Tor_network, gptkb:Metasploit, gptkb:Mimikatz, gptkb:VNC, gptkb:RDP, PowerShell scripts, RAT (Remote Access Trojan), custom malware loaders, encrypted C2 channels
gptkbp:vectorFor phishing emails, malicious attachments, spear phishing
gptkbp:bfsParent gptkb:Carbanak
gptkbp:bfsLayer 6