Statements (33)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
malware
|
| gptkbp:abilities |
command and control
data exfiltration persistence privilege escalation |
| gptkbp:alsoKnownAs |
gptkb:APT28
gptkb:Fancy_Bear gptkb:Sofacy |
| gptkbp:associatedWith |
gptkb:Russian_government
|
| gptkbp:firstObserved |
2015
|
| https://www.w3.org/2000/01/rdf-schema#label |
SofacyCORESHELL
|
| gptkbp:mitreAttackId |
S0032
|
| gptkbp:operatingSystem |
gptkb:Windows
|
| gptkbp:referencedIn |
gptkb:MITRE_ATT&CK
ESET reports FireEye reports |
| gptkbp:relatedTo |
gptkb:CHOPSTICK
gptkb:Sednit gptkb:X-Agent |
| gptkbp:target |
government organizations
military organizations media organizations defense contractors |
| gptkbp:technique |
phishing
malicious attachments spear phishing exploit kits |
| gptkbp:usedBy |
gptkb:APT28
|
| gptkbp:usesMalware |
Trojan
backdoor |
| gptkbp:writtenBy |
C
|
| gptkbp:bfsParent |
gptkb:APT28_sub-group
|
| gptkbp:bfsLayer |
7
|