LEMONDUCK

GPTKB entity

Statements (33)
Predicate Object
gptkbp:instanceOf malware
gptkbp:abilities gptkb:cryptocurrency
gptkbp:abilities credential theft
gptkbp:abilities spreading via brute force
gptkbp:abilities spreading via email
gptkbp:abilities spreading via exploits
gptkbp:alsoKnownAs Lemon Duck
gptkbp:associatedWith malware campaigns
gptkbp:associatedWith botnet activity
gptkbp:category cybercrime
gptkbp:category malware
gptkbp:detects gptkb:Symantec
gptkbp:detects gptkb:Microsoft_Defender
gptkbp:detects gptkb:Trend_Micro
gptkbp:exploits gptkb:EternalBlue
gptkbp:exploits gptkb:BlueKeep
gptkbp:exploits Exchange Server vulnerabilities
gptkbp:exploits SMBGhost
gptkbp:firstObserved 2019
https://www.w3.org/2000/01/rdf-schema#label LEMONDUCK
gptkbp:notableBattle 2021 Microsoft Exchange Server attacks
gptkbp:origin unknown
gptkbp:removes competing malware
gptkbp:target gptkb:Linux_systems
gptkbp:target Windows systems
gptkbp:type cryptomining malware
gptkbp:uses gptkb:Cobalt_Strike
gptkbp:uses PowerShell scripts
gptkbp:uses malicious emails
gptkbp:uses fileless techniques
gptkbp:uses XMRig miner
gptkbp:bfsParent gptkb:Operation_Winnti
gptkbp:bfsLayer 7