Statements (32)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:Remote_Access_Trojan
|
| gptkbp:abilities |
Command execution
Keylogging File exfiltration Screenshot capture Remote desktop access |
| gptkbp:alsoKnownAs |
Oblique Remote Access Trojan
|
| gptkbp:associatedWith |
South Asian targets
|
| gptkbp:C2Communication |
gptkb:HTTP
HTTPS |
| gptkbp:category |
Cyber espionage malware
|
| gptkbp:deliveredBy |
Malicious attachments
Phishing emails Malicious links |
| gptkbp:detects |
gptkb:Kaspersky
gptkb:Symantec gptkb:Microsoft_Defender |
| gptkbp:exfiltrationMethod |
gptkb:HTTP_POST
|
| gptkbp:firstObserved |
2020
|
| gptkbp:notable_campaign |
2020 South Asian espionage campaign
|
| gptkbp:persistenceMechanism |
Registry modification
Scheduled tasks |
| gptkbp:platform |
gptkb:Windows
|
| gptkbp:programmingLanguage |
gptkb:C#
|
| gptkbp:relatedTo |
CrimsonRAT
|
| gptkbp:usedBy |
gptkb:APT36
|
| gptkbp:usesMalware |
gptkb:Trojan
Remote Access Tool |
| gptkbp:bfsParent |
gptkb:APT36
|
| gptkbp:bfsLayer |
8
|
| https://www.w3.org/2000/01/rdf-schema#label |
ObliqueRAT
|