Statements (36)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
malware
|
| gptkbp:abilities |
remote access
persistence command execution screenshot capture file exfiltration keylogging |
| gptkbp:attributedTo |
gptkb:Turla_group
|
| gptkbp:communication |
gptkb:FTP
gptkb:HTTP HTTPS SMTP |
| gptkbp:discoveredBy |
gptkb:Kaspersky_Lab
2017 |
| gptkbp:encryption |
gptkb:RSA
gptkb:AES |
| https://www.w3.org/2000/01/rdf-schema#label |
Kazuar backdoor
|
| gptkbp:notableFeature |
modular architecture
customizable plugins code obfuscation multi-protocol communication |
| gptkbp:persistenceMechanism |
registry modification
scheduled tasks |
| gptkbp:platform |
gptkb:Windows
|
| gptkbp:programmingLanguage |
gptkb:.NET
|
| gptkbp:relatedTo |
gptkb:Sunburst_malware
|
| gptkbp:target |
private companies
government organizations military organizations diplomatic entities |
| gptkbp:type |
backdoor
|
| gptkbp:usedBy |
APT groups
|
| gptkbp:usesMalware |
gptkb:Kazuar
|
| gptkbp:bfsParent |
gptkb:Epic_Turla
gptkb:Turla |
| gptkbp:bfsLayer |
6
|