MuddyWater RAT

GPTKB entity

Statements (31)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf | malware |
| gptkbp:abilities | data exfiltration, command execution, keylogging, remote control of infected systems |
| gptkbp:alsoKnownAs | gptkb:MuddyWater_Remote_Access_Trojan |
| gptkbp:category | cyber espionage tool |
| gptkbp:connectsTo | gptkb:APT34, Iranian threat actors |
| gptkbp:deliveredBy | phishing emails, malicious attachments |
| gptkbp:detects | gptkb:Kaspersky, gptkb:Symantec, gptkb:Microsoft_Defender |
| gptkbp:firstObserved | 2017 |
| https://www.w3.org/2000/01/rdf-schema#label | MuddyWater RAT |
| gptkbp:programmingLanguage | gptkb:Python, gptkb:PowerShell, gptkb:.NET |
| gptkbp:target | gptkb:Middle_East, gptkb:South_Asia, gptkb:energy, government organizations, telecommunications companies |
| gptkbp:usedBy | gptkb:MuddyWater_group |
| gptkbp:uses | custom scripts, obfuscation techniques, living off the land binaries |
| gptkbp:usesMalware | Trojan |
| gptkbp:bfsParent | gptkb:MuddyWater |
| gptkbp:bfsLayer | 6 |