PowerDuke

GPTKB entity

Statements (23)
Predicate Object
gptkbp:instanceOf malware
gptkbp:abilities commandExecution, dataExfiltration, fileDownload, fileUpload
gptkbp:associatedWith gptkb:Russian_cyber_espionage
gptkbp:C2Communication gptkb:HTTP, HTTPS
gptkbp:deliveredBy maliciousAttachment, phishingEmail
gptkbp:firstReported 2016
https://www.w3.org/2000/01/rdf-schema#label PowerDuke
gptkbp:platform gptkb:Windows
gptkbp:technique encrypted communications, obfuscation, fileless malware execution
gptkbp:usedBy gptkb:APT29
gptkbp:usedIn targeted attacks on NGOs, targeted attacks on US think tanks
gptkbp:usesMalware backdoor
gptkbp:writtenBy gptkb:PowerShell
gptkbp:bfsParent gptkb:Cozy_Bear
gptkbp:bfsLayer 6