Manuscrypt malware

GPTKB entity

Statements (37)
Predicate Object
gptkbp:instanceOf malware
gptkbp:abilities file upload
command execution
screenshot capture
file download
keylogging
system information collection
process enumeration
gptkbp:alsoKnownAs gptkb:Manuscrypt
gptkb:NukeSped
Nokki
gptkbp:C2Communication gptkb:HTTP
HTTPS
custom protocols
gptkbp:connectsTo gptkb:Operation_AppleJeus
gptkb:Operation_Troy
Operation DarkHotel
gptkbp:deliveredBy phishing emails
malicious attachments
watering hole attacks
gptkbp:detects gptkb:ESET
gptkb:Kaspersky_Lab
gptkb:Symantec
gptkbp:developedBy gptkb:Lazarus_Group
gptkbp:firstObserved 2017
https://www.w3.org/2000/01/rdf-schema#label Manuscrypt malware
gptkbp:notableBattle attacks on defense industry
attacks on government organizations
attacks on cryptocurrency exchanges
gptkbp:platform gptkb:Windows
gptkbp:relatedTo Lazarus Group malware family
gptkbp:usedBy North Korean threat actors
gptkbp:usedFor cybercrime
remote access
data exfiltration
gptkbp:bfsParent gptkb:Manuscrypt
gptkbp:bfsLayer 7