TrickBot group

GPTKB entity

Statements (72)
Predicate Object
gptkbp:instanceOf cybercrime
gptkbp:activeYearsStart 2016
gptkbp:alsoKnownAs gptkb:Wizard_Spider
gptkbp:connectsTo gptkb:Conti_group
  gptkb:TA505
  gptkb:Emotet_group
  gptkb:FIN6
gptkbp:continuedBy gptkb:Conti_group
  gptkb:Royal_ransomware_group
gptkbp:disruptedIn 2022
https://www.w3.org/2000/01/rdf-schema#label TrickBot group
gptkbp:interruptedBy gptkb:Microsoft
  gptkb:Europol
  gptkb:FBI
  gptkb:US_Cyber_Command
gptkbp:notableFor gptkb:Conti_ransomware
  gptkb:TrickBot_malware
  gptkb:Ryuk_ransomware
gptkbp:operates globally
gptkbp:originatedIn gptkb:Russia
gptkbp:target financial institutions
  education sector
  healthcare sector
  government organizations
gptkbp:technique phishing
  malware distribution
  credential theft
  lateral movement
  modular malware
  ransomware deployment
gptkbp:usedInfrastructure command and control servers
  botnet
  malware loaders
gptkbp:usesMalware gptkb:Ryuk
  gptkb:Cobalt_Strike
  gptkb:Conti
  gptkb:Anchor
  gptkb:Emotet
  gptkb:QakBot
  gptkb:TrickLoader
  gptkb:BazarBackdoor
  gptkb:BazarCall
  gptkb:Sidoh
  gptkb:BazarLoader
  gptkb:TrickBot
  gptkb:TrickBooster
  gptkb:TrickBot_VNC_module
  gptkb:TrickBot_credgrab32_module
  gptkb:TrickBot_credgrab64_module
  gptkb:TrickBot_credgrab_module
  gptkb:TrickBot_dpost_module
  gptkb:TrickBot_importDll_module
  gptkb:TrickBot_injectDll32_module
  gptkb:TrickBot_injectDll64_module
  gptkb:TrickBot_injectDll_module
  gptkb:TrickBot_mailsearcher_module
  gptkb:TrickBot_modules
  gptkb:TrickBot_networkDll_module
  gptkb:TrickBot_psfin_module
  gptkb:TrickBot_pwgrab32_module
  gptkb:TrickBot_pwgrab64_module
  gptkb:TrickBot_pwgrab_module
  gptkb:TrickBot_rdpScanDll_module
  gptkb:TrickBot_shareDll_module
  gptkb:TrickBot_socks_module
  gptkb:TrickBot_systeminfo_module
  gptkb:TrickBot_tabDll_module
  gptkb:TrickBot_webinjects
  gptkb:TrickBot_wormDll_module
  gptkb:TrickBot_worm_module
gptkbp:bfsParent gptkb:BazarLoader
gptkbp:bfsLayer 6