|
gptkbp:instanceOf
|
gptkb:malware
|
|
gptkbp:abilities
|
command and control
remote access
data exfiltration
credential theft
keylogging
|
|
gptkbp:alsoKnownAs
|
gptkb:APT28
gptkb:Fancy_Bear
gptkb:Sofacy
|
|
gptkbp:analyzes
|
gptkb:CrowdStrike
gptkb:ESET
gptkb:FireEye
gptkb:Kaspersky_Lab
gptkb:Symantec
|
|
gptkbp:associatedWith
|
gptkb:Russia
|
|
gptkbp:connectsTo
|
gptkb:GRU
gptkb:Russian_military_intelligence
|
|
gptkbp:deliveredBy
|
phishing emails
malicious attachments
watering hole attacks
exploit kits
|
|
gptkbp:exploits
|
Adobe Flash vulnerabilities
Microsoft Office vulnerabilities
Windows vulnerabilities
zero-day vulnerabilities
|
|
gptkbp:firstObserved
|
2007
|
|
gptkbp:includes
|
gptkb:CHOPSTICK
gptkb:Gamefish
gptkb:X-Agent
gptkb:Zebrocy
Seduploader
|
|
gptkbp:notableBattle
|
gptkb:2016_US_Democratic_National_Committee_hack
gptkb:German_Bundestag_hack
gptkb:World_Anti-Doping_Agency_hack
|
|
gptkbp:operatingSystem
|
gptkb:Windows
gptkb:macOS
gptkb:Linux
|
|
gptkbp:programmingLanguage
|
gptkb:Python
gptkb:C++
C
|
|
gptkbp:target
|
government organizations
military organizations
media organizations
political organizations
defense contractors
|
|
gptkbp:usedBy
|
gptkb:APT28
gptkb:Fancy_Bear
|
|
gptkbp:usedFor
|
gptkb:cybercrime
|
|
gptkbp:usesMalware
|
modular
backdoor
trojan
infostealer
|
|
gptkbp:bfsParent
|
gptkb:TA-89
|
|
gptkbp:bfsLayer
|
5
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
Sofacy toolkit
|