ScarCruft backdoor

URI: https://gptkb.org/entity/ScarCruft_backdoor

GPTKB entity

Predicate	Object
gptkbp:instanceOf	gptkb:malware
gptkbp:abilities	remote access data exfiltration command execution
gptkbp:area	gptkb:South_Korea gptkb:East_Asia
gptkbp:associatedWith	gptkb:North_Korea gptkb:APT37
gptkbp:C2Communication	gptkb:HTTP HTTPS
gptkbp:deliveredBy	phishing emails malicious attachments
gptkbp:discoveredBy	gptkb:Kaspersky_Lab ESTsecurity
gptkbp:firstReported	2016
gptkbp:persistenceMechanism	registry modification scheduled tasks
gptkbp:platform	gptkb:Windows
gptkbp:usedBy	gptkb:ScarCruft
gptkbp:usesMalware	backdoor
gptkbp:bfsParent	gptkb:APT37
gptkbp:bfsLayer	8
https://www.w3.org/2000/01/rdf-schema#label	ScarCruft backdoor