Zebrocy backdoor

URI: https://gptkb.org/entity/Zebrocy_backdoor
GPTKB entity
Statements (31)
Predicate Object
gptkbp:instanceOf malware
gptkbp:abilities remote access
data exfiltration
command execution
screenshot capture
gptkbp:alsoKnownAs gptkb:Zebrocy
Zebrocy Delphi
gptkbp:associatedWith gptkb:Russian_cyber_espionage
gptkbp:C2_Protocol gptkb:HTTP
HTTPS
SMTP
gptkbp:category cyber espionage tool
gptkbp:deliveredBy malicious attachment
phishing email
gptkbp:firstObserved 2015
https://www.w3.org/2000/01/rdf-schema#label Zebrocy backdoor
gptkbp:programmingLanguage gptkb:Delphi
gptkb:Go
gptkb:C#
gptkbp:subtechnique gptkb:T1027_(Obfuscated_Files_or_Information)
gptkb:T1105_(Ingress_Tool_Transfer)
T1059 (Command and Scripting Interpreter)
gptkbp:target gptkb:Windows
gptkb:macOS
gptkb:Linux
gptkbp:usedBy gptkb:APT28
gptkb:Fancy_Bear
gptkb:Sofacy
gptkbp:usesMalware backdoor
gptkbp:bfsParent gptkb:Zebrocy_malware
gptkbp:bfsLayer 7