Kazuar malware

GPTKB entity

Statements (35)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf | malware |
| gptkbp:abilities | remote access, credential theft, command execution, screenshot capture, file exfiltration, keylogging |
| gptkbp:attributedTo | gptkb:Turla_group |
| gptkbp:discoveredBy | gptkb:Palo_Alto_Networks, gptkb:Kaspersky_Lab |
| gptkbp:distributedBy | phishing emails, compromised websites, malicious attachments |
| gptkbp:firstReported | 2017 |
| https://www.w3.org/2000/01/rdf-schema#label | Kazuar malware |
| gptkbp:notableFeature | modular architecture, encrypted communication, obfuscation techniques, customizable plugins |
| gptkbp:persistenceMechanism | registry modification, scheduled tasks |
| gptkbp:platform | gptkb:Windows |
| gptkbp:programmingLanguage | gptkb:.NET |
| gptkbp:relatedTo | gptkb:Sunburst_malware |
| gptkbp:supportsProtocol | gptkb:HTTP, gptkb:SOAP, gptkb:TCP, HTTPS |
| gptkbp:target | gptkb:energy, government organizations, military organizations, diplomatic entities |
| gptkbp:type | backdoor |
| gptkbp:bfsParent | gptkb:TA-64 |
| gptkbp:bfsLayer | 5 |