Statements (33)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
Advanced Persistent Threat group
|
| gptkbp:alsoKnownAs |
gptkb:MuddyWater
|
| gptkbp:associatedWith |
gptkb:Iranian_government
|
| gptkbp:attributedTo |
gptkb:Microsoft
gptkb:FireEye gptkb:US_Cyber_Command |
| gptkbp:countryOfOrigin |
gptkb:Iran
|
| gptkbp:firstReported |
2017
|
| https://www.w3.org/2000/01/rdf-schema#label |
TA-1390
|
| gptkbp:industry |
gptkb:energy
gptkb:government defense telecommunications |
| gptkbp:majorCity |
gptkb:Europe
gptkb:Middle_East gptkb:North_America |
| gptkbp:notableEvent |
attacks on government agencies in Europe
attacks on telecommunications in Middle East |
| gptkbp:relatedTo |
gptkb:APT34
gptkb:APT33 |
| gptkbp:technique |
PowerShell scripts
credential harvesting living off the land spear phishing lateral movement |
| gptkbp:usesMalware |
gptkb:BlackWater
gptkb:MuddyWater_RAT gptkb:SharpStage gptkb:Mimikatz gptkb:POWERSTATS Seashell Bladder |
| gptkbp:bfsParent |
gptkb:Nokia_C30
|
| gptkbp:bfsLayer |
7
|