Statements (34)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:cyber_threat_group
|
| gptkbp:alsoKnownAs |
gptkb:Gold_Blackburn
Mummy Spider UNC2542 |
| gptkbp:countryOfOrigin |
gptkb:unknown
|
| gptkbp:firstReported |
2014
|
| gptkbp:infrastructure |
botnets
|
| gptkbp:mainActivity |
malware distribution
|
| gptkbp:notable_campaign |
Emotet botnet campaigns
|
| gptkbp:notableEvent |
Emotet takedown (2021)
|
| gptkbp:resumedActivity |
2021
|
| gptkbp:tactics |
gptkb:malware_loader
phishing malspam |
| gptkbp:target |
gptkb:government
gptkb:government_ministry healthcare sector global organizations |
| gptkbp:technique |
command and control
data exfiltration malicious attachments credential theft lateral movement email thread hijacking macro-enabled documents |
| gptkbp:uses |
gptkb:Cobalt_Strike
gptkb:QakBot gptkb:Ryuk_ransomware gptkb:TrickBot |
| gptkbp:usesMalware |
gptkb:Emotet
|
| gptkbp:bfsParent |
gptkb:Emotet
gptkb:Emotet_malware |
| gptkbp:bfsLayer |
7
|
| https://www.w3.org/2000/01/rdf-schema#label |
TA542 threat group
|