gptkbp:instanceOf | malware
gptkbp:abilities | command and control, remote access, data exfiltration
gptkbp:alsoKnownAs | gptkb:APT28, gptkb:Fancy_Bear, gptkb:Sofacy
gptkbp:area | gptkb:Asia, gptkb:Europe, gptkb:United_States
gptkbp:associatedWith | gptkb:Russian_military_intelligence
gptkbp:category | cybercrime
gptkbp:connectsTo | gptkb:GRU
gptkbp:deliveredBy | phishing emails, malicious attachments, exploit kits
gptkbp:exfiltrationMethod | gptkb:FTP, gptkb:HTTP, HTTPS
gptkbp:firstObserved | 2014
https://www.w3.org/2000/01/rdf-schema#label | SofacyADVSTORESHELL
gptkbp:industry | gptkb:energy, gptkb:government, gptkb:media, gptkb:military, defense
gptkbp:notableEvent | gptkb:2016_US_Democratic_National_Committee_hack
gptkbp:operatingSystem | gptkb:Windows
gptkbp:persistenceMechanism | registry modification, scheduled tasks
gptkbp:programmingLanguage | gptkb:C++, C
gptkbp:subtechnique | gptkb:T1027_(Obfuscated_Files_or_Information), gptkb:T1071_(Application_Layer_Protocol), gptkb:T1105_(Ingress_Tool_Transfer)
gptkbp:usedBy | gptkb:APT28
gptkbp:usesMalware | backdoor
gptkbp:bfsParent | gptkb:Sednit
gptkbp:bfsLayer | 6