|
gptkbp:instanceOf
|
gptkb:malware
|
|
gptkbp:abilities
|
downloading additional malware
spreading laterally in networks
stealing sensitive information
|
|
gptkbp:alsoKnownAs
|
gptkb:Geodo
gptkb:Heodo
|
|
gptkbp:associatedWith
|
gptkb:TA542_threat_group
|
|
gptkbp:countermeasuresInclude
|
email filtering
endpoint protection
user awareness training
|
|
gptkbp:detects
|
gptkb:security
|
|
gptkbp:discoveredBy
|
2014
|
|
gptkbp:disruptionDate
|
January 2021
|
|
gptkbp:interruptedBy
|
international law enforcement operation
|
|
gptkbp:laterEvolvedTo
|
malware delivery service
|
|
gptkbp:notableFor
|
modular architecture
resilience to takedown
|
|
gptkbp:originallyDevelopedAs
|
gptkb:malware
|
|
gptkbp:primarilyTargets
|
gptkb:Windows_operating_systems
|
|
gptkbp:resumedActivity
|
November 2021
|
|
gptkbp:spreadTo
|
malicious email attachments
malicious links
malspam campaigns
|
|
gptkbp:usedToDeliver
|
gptkb:QakBot
gptkb:Ryuk_ransomware
gptkb:TrickBot
|
|
gptkbp:bfsParent
|
gptkb:Domain_Generation_Algorithm
gptkb:IcedID
gptkb:Trickbot
|
|
gptkbp:bfsLayer
|
6
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
Emotet
|