|
gptkbp:instanceOf
|
malware
|
|
gptkbp:abilities
|
data exfiltration
modular architecture
credential theft
lateral movement
ransomware delivery
spreading via networks
|
|
gptkbp:alias
|
gptkb:TrickLoader
gptkb:TheTrick
trickster
|
|
gptkbp:associatedWith
|
gptkb:Conti_ransomware
gptkb:Ryuk_ransomware
|
|
gptkbp:discoveredBy
|
2016
|
|
gptkbp:distributedBy
|
gptkb:Emotet_malware
malicious email attachments
malicious links
|
|
gptkbp:exploits
|
gptkb:EternalBlue_vulnerability
SMB vulnerabilities
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
TrickBot malware
|
|
gptkbp:notableEvent
|
disrupted by Microsoft and partners in 2020
infrastructure taken down in 2022
|
|
gptkbp:origin
|
Russia-linked cybercriminals
|
|
gptkbp:purpose
|
banking credential theft
|
|
gptkbp:status
|
disrupted
still active in some variants as of 2023
|
|
gptkbp:target
|
gptkb:Windows_operating_systems
|
|
gptkbp:type
|
trojan
|
|
gptkbp:usedFor
|
cybercrime
ransomware attacks
information stealing
botnet operations
|
|
gptkbp:writtenBy
|
gptkb:JavaScript
gptkb:PowerShell
gptkb:C++
|
|
gptkbp:bfsParent
|
gptkb:Wizard_Spider_group
|
|
gptkbp:bfsLayer
|
6
|