Statements (23)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:malware
|
| gptkbp:abilities |
command and control communication
modular plugin loading self-deletion |
| gptkbp:category |
gptkb:advanced_persistent_threat
|
| gptkbp:developedBy |
gptkb:Equation_Group
|
| gptkbp:discoveredBy |
gptkb:Kaspersky_Lab
|
| gptkbp:encryptionUsed |
gptkb:AES
|
| gptkbp:exfiltratesData |
files
system information keystrokes |
| gptkbp:firstReported |
2015
|
| gptkbp:notableFeature |
modular architecture
resides entirely in registry stealthy persistence |
| gptkbp:persistenceMechanism |
gptkb:Windows_registry
|
| gptkbp:platform |
gptkb:Microsoft_Windows
|
| gptkbp:relatedTo |
gptkb:DoubleFantasy_malware
gptkb:EquationDrug_malware |
| gptkbp:usedFor |
gptkb:cybercrime
|
| gptkbp:bfsParent |
gptkb:Equation_Group
|
| gptkbp:bfsLayer |
7
|
| https://www.w3.org/2000/01/rdf-schema#label |
GrayFish malware
|