Statements (31)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
malware
|
| gptkbp:abilities |
data exfiltration
command execution keylogging remote control of infected systems |
| gptkbp:alsoKnownAs |
gptkb:MuddyWater_Remote_Access_Trojan
|
| gptkbp:category |
cyber espionage tool
|
| gptkbp:connectsTo |
gptkb:APT34
Iranian threat actors |
| gptkbp:deliveredBy |
phishing emails
malicious attachments |
| gptkbp:detects |
gptkb:Kaspersky
gptkb:Symantec gptkb:Microsoft_Defender |
| gptkbp:firstObserved |
2017
|
| https://www.w3.org/2000/01/rdf-schema#label |
MuddyWater RAT
|
| gptkbp:programmingLanguage |
gptkb:Python
gptkb:PowerShell gptkb:.NET |
| gptkbp:target |
gptkb:Middle_East
gptkb:South_Asia gptkb:energy government organizations telecommunications companies |
| gptkbp:usedBy |
gptkb:MuddyWater_group
|
| gptkbp:uses |
custom scripts
obfuscation techniques living off the land binaries |
| gptkbp:usesMalware |
Trojan
|
| gptkbp:bfsParent |
gptkb:MuddyWater
|
| gptkbp:bfsLayer |
6
|