|
gptkbp:instanceOf
|
cybercrime
|
|
gptkbp:affects
|
hundreds of computers
|
|
gptkbp:alsoKnownAs
|
gptkb:Shamoon_2
|
|
gptkbp:cause
|
data destruction
|
|
gptkbp:connectsTo
|
gptkb:Iran
|
|
gptkbp:date
|
January 2017
August 2017
November 2016
|
|
gptkbp:enemyOf
|
destructive cyberattack
wiper malware
|
|
gptkbp:firstReported
|
2016
|
|
gptkbp:goal
|
data deletion
disruption of operations
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
Shamoon 2.0 attacks
|
|
gptkbp:inspiredBy
|
gptkb:Shamoon_2012_attack
|
|
gptkbp:language
|
gptkb:Arabic
English
|
|
gptkbp:notableFeature
|
hardcoded credentials
network propagation
scheduled activation
wiper functionality
|
|
gptkbp:notableVictim
|
gptkb:Saudi_Aramco
gptkb:Sadara_Chemical_Company
|
|
gptkbp:payload
|
file deletion
MBR overwrite
|
|
gptkbp:relatedTo
|
gptkb:Shamoon_malware
|
|
gptkbp:reportsTo
|
gptkb:Kaspersky_Lab
gptkb:Symantec
gptkb:McAfee
|
|
gptkbp:supportsLanguage
|
gptkb:Arabic
English
|
|
gptkbp:target
|
gptkb:Saudi_Arabia
gptkb:energy
|
|
gptkbp:usedCredentialTheft
|
yes
|
|
gptkbp:usedHardcodedCredentials
|
yes
|
|
gptkbp:usedRansomNote
|
yes
|
|
gptkbp:usedWiper
|
Disttrack
|
|
gptkbp:usesMalware
|
gptkb:Shamoon_2.0
Disttrack
|
|
gptkbp:vectorFor
|
phishing emails
malicious attachments
|
|
gptkbp:bfsParent
|
gptkb:TA-33
|
|
gptkbp:bfsLayer
|
5
|