Statements (29)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
malware
|
| gptkbp:abilities |
data exfiltration
command execution screenshot capture file manipulation keylogging |
| gptkbp:alsoKnownAs |
HYPERBRO
|
| gptkbp:C2Communication |
encrypted
|
| gptkbp:connectsTo |
Chinese cyber espionage
|
| gptkbp:deliveredBy |
phishing
malicious attachments |
| gptkbp:encryption |
gptkb:RC4
gptkb:AES |
| gptkbp:firstObserved |
2016
|
| https://www.w3.org/2000/01/rdf-schema#label |
HyperBro
|
| gptkbp:notable_campaign |
2017 Middle East attacks
attacks on technology companies |
| gptkbp:operatingSystem |
gptkb:Windows
|
| gptkbp:persistenceMechanism |
registry modification
scheduled tasks |
| gptkbp:programmingLanguage |
gptkb:C++
|
| gptkbp:supportsProtocol |
HTTP(S)
custom protocol |
| gptkbp:target |
private sector organizations
government organizations |
| gptkbp:type |
Trojan
|
| gptkbp:usedBy |
gptkb:APT27
|
| gptkbp:bfsParent |
gptkb:APT27
|
| gptkbp:bfsLayer |
8
|