|
gptkbp:instanceOf
|
gptkb:malware
|
|
gptkbp:abilities
|
data exfiltration
credential theft
lateral movement
ransomware delivery
spamming
|
|
gptkbp:alsoKnownAs
|
gptkb:TrickLoader
|
|
gptkbp:architecture
|
modular
|
|
gptkbp:developedBy
|
cybercriminal group Wizard Spider
|
|
gptkbp:discoveredBy
|
2016
|
|
gptkbp:disruptionDate
|
October 2020
|
|
gptkbp:interruptedBy
|
gptkb:Microsoft
gptkb:US_Cyber_Command
|
|
gptkbp:notableBattle
|
attacks on financial institutions
attacks on government agencies
attacks on healthcare organizations
|
|
gptkbp:platform
|
gptkb:Microsoft_Windows
|
|
gptkbp:programmingLanguage
|
gptkb:C++
|
|
gptkbp:relatedTo
|
gptkb:Emotet
gptkb:BazarLoader
|
|
gptkbp:spreadTo
|
gptkb:Emotet_malware
malicious email attachments
malicious links
|
|
gptkbp:status
|
partially dismantled
still active in some form as of 2022
|
|
gptkbp:type
|
gptkb:malware
modular malware
|
|
gptkbp:usedBy
|
gptkb:Conti_ransomware_group
gptkb:Ryuk_ransomware_group
|
|
gptkbp:bfsParent
|
gptkb:Operation_Endgame
|
|
gptkbp:bfsLayer
|
5
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
Trickbot
|