Statements (40)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
cyber threat group
|
| gptkbp:alsoKnownAs |
gptkb:FIN7
|
| gptkbp:area |
gptkb:Australia
gptkb:Europe gptkb:United_States |
| gptkbp:arrested |
2018
|
| gptkbp:associatedWith |
cybercrime
|
| gptkbp:connectsTo |
financial theft
ransomware deployment credit card theft |
| gptkbp:firstReported |
2015
|
| https://www.w3.org/2000/01/rdf-schema#label |
TA-1357
|
| gptkbp:industry |
financial services
retail hospitality |
| gptkbp:infrastructure |
email servers
command and control servers compromised websites malicious domains |
| gptkbp:origin |
gptkb:Eastern_Europe
|
| gptkbp:technique |
phishing
remote access data exfiltration custom malware living off the land malicious attachments spear phishing lateral movement credential dumping |
| gptkbp:uses |
gptkb:PowerShell
gptkb:Metasploit gptkb:RDP SQL injection POS malware |
| gptkbp:usesMalware |
gptkb:Carbanak
gptkb:Cobalt_Strike gptkb:GrimAgent JSSLoader |
| gptkbp:bfsParent |
gptkb:Nokia_C30
|
| gptkbp:bfsLayer |
7
|