Statements (52)
Predicate | Object |
---|---|
gptkbp:instanceOf | malware |
gptkbp:abilities | stealth, remote access, data exfiltration, modular architecture, screenshot capture, command and control communication, file theft, network sniffing, password stealing, custom payloads, keystroke logging |
gptkbp:alias | gptkb:Regin, gptkb:QWERTY, WarriorPride, Prax |
gptkbp:category | advanced persistent threat, state-sponsored malware, cyber weapon |
gptkbp:connectsTo | gptkb:Five_Eyes, gptkb:NSA, gptkb:United_Kingdom, gptkb:United_States, gptkb:GCHQ |
gptkbp:detectionDifficulty | very difficult |
gptkbp:discoveredBy | gptkb:Symantec, 2014 |
gptkbp:diseaseVector | spear phishing, watering hole attacks, exploiting zero-day vulnerabilities |
https://www.w3.org/2000/01/rdf-schema#label | Regin malware |
gptkbp:notableEvent | gptkb:European_Union_institutions, gptkb:Belgacom_hack, Iranian targets, Middle East targets, Russian research organizations, Saudi Arabian telecoms |
gptkbp:persistenceMechanism | multiple stages, encrypted payloads hidden in system files |
gptkbp:platform | gptkb:Microsoft_Windows |
gptkbp:removalDifficulty | high |
gptkbp:target | private individuals, research institutions, government organizations, telecommunications companies |
gptkbp:type | modular malware |
gptkbp:usedFor | cybercrime, data collection, surveillance |
gptkbp:bfsParent | gptkb:Equation_Group |
gptkbp:bfsLayer | 7 |