SofacyCORESHELL

GPTKB entity

Statements (33)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf | malware |
| gptkbp:abilities | command and control, data exfiltration, persistence, privilege escalation |
| gptkbp:alsoKnownAs | gptkb:APT28, gptkb:Fancy_Bear, gptkb:Sofacy |
| gptkbp:associatedWith | gptkb:Russian_government |
| gptkbp:firstObserved | 2015 |
| https://www.w3.org/2000/01/rdf-schema#label | SofacyCORESHELL |
| gptkbp:mitreAttackId | S0032 |
| gptkbp:operatingSystem | gptkb:Windows |
| gptkbp:referencedIn | gptkb:MITRE_ATT&CK, ESET reports, FireEye reports |
| gptkbp:relatedTo | gptkb:CHOPSTICK, gptkb:Sednit, gptkb:X-Agent |
| gptkbp:target | government organizations, military organizations, media organizations, defense contractors |
| gptkbp:technique | phishing, malicious attachments, spear phishing, exploit kits |
| gptkbp:usedBy | gptkb:APT28 |
| gptkbp:usesMalware | Trojan, backdoor |
| gptkbp:writtenBy | C |
| gptkbp:bfsParent | gptkb:APT28_sub-group |
| gptkbp:bfsLayer | 7 |