Zebrocy

GPTKB entity

Statements (50)
Predicate  Object
gptkbp:instanceOf  cybercrime
gptkbp:activeYearsStart  2015
gptkbp:alsoKnownAs  gptkb:APT28_sub-group
    gptkb:Sednit
gptkbp:associatedWith  gptkb:APT28
    gptkb:Fancy_Bear
gptkbp:connectsTo  gptkb:GRU
    gptkb:Russian_military_intelligence
gptkbp:countryOfOrigin  gptkb:Russia
https://www.w3.org/2000/01/rdf-schema#label  Zebrocy
gptkbp:language  gptkb:Russian
    English
gptkbp:notableOperation  attacks on Central Asian governments
    attacks on European governments
    attacks on embassies
gptkbp:observedBy  gptkb:Kaspersky
    gptkb:CrowdStrike
    gptkb:ESET
    gptkb:FireEye
    gptkb:MITRE_ATT&CK
gptkbp:target  gptkb:Central_Asia
    gptkb:Western_Europe
    gptkb:Eastern_Europe
    government organizations
    military organizations
    diplomatic organizations
gptkbp:technique  phishing emails
    credential harvesting
    custom backdoors
    malicious attachments
    spear phishing
    malware loaders
gptkbp:TTPs  data exfiltration
    lateral movement
    custom malware development
    initial access via phishing
    multi-stage infection chains
gptkbp:usesMalware  gptkb:Zebrocy_malware
    gptkb:Delphi
    gptkb:Python
    gptkb:Go
    gptkb:C++
    gptkb:.NET
    .NET malware
    Delphi malware
    Go malware
    Python malware
gptkbp:bfsParent  gptkb:TA-102
    gptkb:TA-89
gptkbp:bfsLayer  5