TA-63

GPTKB entity

Statements (24)
Predicate Object
gptkbp:instanceOf cybercrime
gptkbp:activeYearsStart at least 2020
gptkbp:alsoKnownAs gptkb:Winter_Vivern
gptkbp:associatedWith Russian interests
gptkbp:countryOfOrigin gptkb:Belarus
https://www.w3.org/2000/01/rdf-schema#label TA-63
gptkbp:monitors gptkb:CERT-UA
gptkbp:monitors gptkb:Mandiant
gptkbp:monitors gptkb:Proofpoint
gptkbp:notableBattle attacks on Ukrainian government entities
gptkbp:notableBattle phishing campaign against European government officials
gptkbp:target government organizations
gptkbp:target military organizations
gptkbp:target Eastern European countries
gptkbp:target NATO countries
gptkbp:target diplomatic entities
gptkbp:technique phishing
gptkbp:technique credential harvesting
gptkbp:technique malware delivery
gptkbp:usesMalware JavaScript payloads
gptkbp:usesMalware PowerShell scripts
gptkbp:usesMalware custom backdoors
gptkbp:bfsParent gptkb:Los_Alamos_National_Laboratory
gptkbp:bfsLayer 4