|
gptkbp:instanceOf
|
gptkb:cybercrime
|
|
gptkbp:activeYearsStart
|
2016
|
|
gptkbp:alsoKnownAs
|
gptkb:Wizard_Spider
|
|
gptkbp:connectsTo
|
gptkb:Conti_group
gptkb:TA505
gptkb:Emotet_group
gptkb:FIN6
|
|
gptkbp:continuedBy
|
gptkb:Conti_group
gptkb:Royal_ransomware_group
|
|
gptkbp:disruptedIn
|
2022
|
|
gptkbp:interruptedBy
|
gptkb:Microsoft
gptkb:Europol
gptkb:FBI
gptkb:US_Cyber_Command
|
|
gptkbp:notableFor
|
gptkb:Conti_ransomware
gptkb:TrickBot_malware
gptkb:Ryuk_ransomware
|
|
gptkbp:operates
|
globally
|
|
gptkbp:originatedIn
|
gptkb:Russia
|
|
gptkbp:target
|
financial institutions
education sector
healthcare sector
government organizations
|
|
gptkbp:technique
|
phishing
malware distribution
credential theft
lateral movement
modular malware
ransomware deployment
|
|
gptkbp:usedInfrastructure
|
gptkb:botnet
command and control servers
malware loaders
|
|
gptkbp:usesMalware
|
gptkb:Ryuk
gptkb:Cobalt_Strike
gptkb:Conti
gptkb:Anchor
gptkb:Emotet
gptkb:QakBot
gptkb:TrickLoader
gptkb:BazarBackdoor
gptkb:BazarCall
gptkb:Sidoh
gptkb:BazarLoader
gptkb:TrickBot
gptkb:TrickBooster
gptkb:TrickBot_VNC_module
gptkb:TrickBot_credgrab32_module
gptkb:TrickBot_credgrab64_module
gptkb:TrickBot_credgrab_module
gptkb:TrickBot_dpost_module
gptkb:TrickBot_importDll_module
gptkb:TrickBot_injectDll32_module
gptkb:TrickBot_injectDll64_module
gptkb:TrickBot_injectDll_module
gptkb:TrickBot_mailsearcher_module
gptkb:TrickBot_modules
gptkb:TrickBot_networkDll_module
gptkb:TrickBot_psfin_module
gptkb:TrickBot_pwgrab32_module
gptkb:TrickBot_pwgrab64_module
gptkb:TrickBot_pwgrab_module
gptkb:TrickBot_rdpScanDll_module
gptkb:TrickBot_shareDll_module
gptkb:TrickBot_socks_module
gptkb:TrickBot_systeminfo_module
gptkb:TrickBot_tabDll_module
gptkb:TrickBot_webinjects
gptkb:TrickBot_wormDll_module
gptkb:TrickBot_worm_module
|
|
gptkbp:bfsParent
|
gptkb:Conti_ransomware
gptkb:BazarLoader
|
|
gptkbp:bfsLayer
|
7
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
TrickBot group
|