Statements (37)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
malware
|
| gptkbp:abilities |
file upload
command execution screenshot capture file download keylogging system information collection process enumeration |
| gptkbp:alsoKnownAs |
gptkb:Manuscrypt
gptkb:NukeSped Nokki |
| gptkbp:C2Communication |
gptkb:HTTP
HTTPS custom protocols |
| gptkbp:connectsTo |
gptkb:Operation_AppleJeus
gptkb:Operation_Troy Operation DarkHotel |
| gptkbp:deliveredBy |
phishing emails
malicious attachments watering hole attacks |
| gptkbp:detects |
gptkb:ESET
gptkb:Kaspersky_Lab gptkb:Symantec |
| gptkbp:developedBy |
gptkb:Lazarus_Group
|
| gptkbp:firstObserved |
2017
|
| https://www.w3.org/2000/01/rdf-schema#label |
Manuscrypt malware
|
| gptkbp:notableBattle |
attacks on defense industry
attacks on government organizations attacks on cryptocurrency exchanges |
| gptkbp:platform |
gptkb:Windows
|
| gptkbp:relatedTo |
Lazarus Group malware family
|
| gptkbp:usedBy |
North Korean threat actors
|
| gptkbp:usedFor |
cybercrime
remote access data exfiltration |
| gptkbp:bfsParent |
gptkb:Manuscrypt
|
| gptkbp:bfsLayer |
7
|