Fancy Bear Hackers Distributing Graphite Malware using PowerPoint Files
Tags
country: France Russia
maec-delivery-vectors: Watering Hole
attack-pattern: Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Rundll32 - T1218.011 Software - T1592.002 Syncappvpublishingserver - T1216.002 Tool - T1588.002 Powershell - T1086 Rundll32 - T1085
Show in Graph
Common Information
Type Value
UUID ff5dfd88-fceb-4b14-ad67-7d311c41fcab
Fingerprint e70460bba178e9c2
Analysis status DONE
Considered CTI value 1
Text language
Published Sept. 29, 2022, 4 p.m.
Added to db Sept. 29, 2022, 7 p.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Fancy Bear Hackers Distributing Graphite Malware using PowerPoint Files
Title Fancy Bear Hackers Distributing Graphite Malware using PowerPoint Files
Detected Hints/Tags/Attributes 49/3/3
Source URLs
Redirection Url
Details Source https://www.hackread.com/fancy-bear-hackers-graphite-malware-powerpoint/
URL Provider
Details Provider Source level domain
Details hackread.com www.hackread.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 163 https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 1018 
rundll32.exe
Details File 5 
dsc0002.jpeg
Details Threat Actor Identifier - APT 783 
APT28