MuddyWater PowerShell Backdoor
GPTKB entity
Statements (26)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:malware
|
| gptkbp:abilities |
file upload
persistence file download C2 communication system reconnaissance |
| gptkbp:alias |
gptkb:POWERSTATS_backdoor
gptkb:POWERSTATS |
| gptkbp:associatedWith |
gptkb:APT34
Iranian threat actors |
| gptkbp:deliveredBy |
phishing emails
malicious attachments |
| gptkbp:detects |
gptkb:Symantec
gptkb:Microsoft_Defender |
| gptkbp:discoveredBy |
2017
|
| gptkbp:platform |
gptkb:Windows
|
| gptkbp:relatedTo |
gptkb:MuddyWater_campaign
|
| gptkbp:usedBy |
gptkb:MuddyWater
|
| gptkbp:usedFor |
remote access
data exfiltration command execution |
| gptkbp:usesMalware |
backdoor
|
| gptkbp:writtenBy |
gptkb:PowerShell
|
| gptkbp:bfsParent |
gptkb:MuddyWater
|
| gptkbp:bfsLayer |
6
|
| https://www.w3.org/2000/01/rdf-schema#label |
MuddyWater PowerShell Backdoor
|