|
gptkbp:instanceOf
|
malware
|
|
gptkbp:alsoKnownAs
|
gptkb:ExPetr
gptkb:Nyetya
|
|
gptkbp:category
|
cybercrime
information security incident
|
|
gptkbp:class
|
cyberweapon
state-sponsored attack
|
|
gptkbp:destroyedBy
|
disrupted businesses worldwide
global financial losses
|
|
gptkbp:detects
|
gptkb:Microsoft
gptkb:Kaspersky_Lab
gptkb:Symantec
|
|
gptkbp:discoveredBy
|
June 2017
|
|
gptkbp:distinctFrom
|
Petya (NotPetya is more destructive)
|
|
gptkbp:exploits
|
gptkb:EternalBlue
gptkb:EternalRomance
gptkb:MS17-010
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
NotPetya malware
|
|
gptkbp:initialInfectionVector
|
compromised MeDoc software update
|
|
gptkbp:notableBattle
|
gptkb:Ukraine_cyberattack_2017
|
|
gptkbp:notableEvent
|
June 27, 2017
|
|
gptkbp:notableFeature
|
irreversible data destruction
masqueraded as ransomware
used legitimate software update mechanism
|
|
gptkbp:notableVictim
|
gptkb:Parliament_of_the_United_Kingdom
gptkb:Rosneft
gptkb:Merck_&_Co.
gptkb:Mondelez_International
gptkb:Maersk
|
|
gptkbp:origin
|
gptkb:Ukraine
|
|
gptkbp:perpetrator
|
gptkb:Russian_military_(GRU)
|
|
gptkbp:platform
|
gptkb:Microsoft_Windows
|
|
gptkbp:ransomDemanded
|
$300 in Bitcoin
|
|
gptkbp:relatedTo
|
gptkb:Petya_malware
|
|
gptkbp:spreadTo
|
gptkb:PsExec
gptkb:Windows_Management_Instrumentation_(WMI)
gptkb:Asia
gptkb:Australia
gptkb:Europe
gptkb:Russia
gptkb:United_States
gptkb:Mimikatz
gptkb:EternalBlue_exploit
|
|
gptkbp:supportsAlgorithm
|
gptkb:RSA-2048
AES-128
|
|
gptkbp:target
|
gptkb:Ukraine
|
|
gptkbp:type
|
malware
wiper
|
|
gptkbp:bfsParent
|
gptkb:TA-94
|
|
gptkbp:bfsLayer
|
5
|