📃Title: APT PROFILE – FANCY BEAR
📅Date: 2024-06-26
🔗References:
🔖Rectifyq Taxonomies:
- relevancy: 🔴 Highly Relevant
- category: ⚔Threat
- sub-category: TA-profile
- target: broad-based
- MY-relevancy: relevant
- action-taken: diamond-model
🔖MISP Galaxies:
- producer Cyfirma
- threat-actor APT28
- malpedia=“Cannon”
- malpedia=“Coreshell”
- malpedia=“Downdelph”
- malpedia=“GooseEgg”
- malpedia=“Headlace”
- malpedia=“HideDRV”
- malpedia=“Koadic”
- malpedia=“Komplex”
- malpedia=“LoJax”
- malpedia=“MASEPIE”
- malpedia=“OCEANMAP”
- malpedia=“OLDBAIT”
- malpedia=“PocoDown”
- malpedia=“Responder”
- malpedia=“STEELHOOK”
- malpedia=“Sedreco”
- malpedia=“Seduploader”
- malpedia=“SkinnyBoy”
- malpedia=“VPNFilter”
- malpedia=“X-Agent (ELF)”
- malpedia=“X-Agent (Windows)”
- malpedia=“XTunnel”
- malpedia=“Zebrocy (AutoIT)”
- target-information=“Afghanistan”
- target-information=“Australia”
- target-information=“Brazil”
- target-information=“Cambodia”
- target-information=“France”
- target-information=“Georgia”
- target-information=“Germany”
- target-information=“India”
- target-information=“Indonesia”
- target-information=“Kazakhstan”
- target-information=“Malaysia”
- target-information=“Moldova”
- target-information=“Pakistan”
- target-information=“Romania”
- target-information=“South Africa”
- target-information=“Syria”
- target-information=“Thailand”
- target-information=“Turkey”
- target-information=“Ukraine”
- target-information=“United States”
- target-information=“Vietnam”
- mitre-attack-pattern=[‘T1003.008’, ‘T1098.002’, ‘T1550.001’, ‘T1560’, ‘T1560.001’, ‘T1119’, ‘T1102.002’, ‘T1542.003’, ‘T1110’, ‘T1070.001’, ‘T1078.004’, ‘T1092’, ‘T1546.015’, ‘T1589.001’, ‘T1030’, ‘T1213’, ‘T1005’, ‘T1039’, ‘T1025’, ‘T1140’, ‘T1583.001’, ‘T1189’, ‘T1559.002’, ‘T1586.002’, ‘T1048.002’, ‘T1567’, ‘T1190’, ‘T1203’, ‘T1211’, ‘T1068’, ‘T1210’, ‘T1090.002’, ‘T1133’, ‘T1070.004’, ‘T1083’, ‘T1564.001’, ‘T1564.003’, ‘T1105’, ‘T1001.001’, ‘T1056.001’, ‘T1003.001’, ‘T1074.001’, ‘T1037.001’, ‘T1071.003’, ‘T1204.002’, ‘T1204.001’, ‘T1036’, ‘T1036.005’, ‘T1090.003’, ‘T1003.003’, ‘T1498’, ‘T1040’, ‘T1027’, ‘T1137.002’, ‘T1550.002’, ‘T1110.001’, ‘T1110.003’, ‘T1120’, ‘T1598’, ‘T1059.001’, ‘T1057’, ‘T1547.001’, ‘T1074.002’, ‘T1114.002’, ‘T1091’, ‘T1014’, ‘T1218.011’, ‘T1021.002’, ‘T1113’, ‘T1213.002’, ‘T1566.001’, ‘T1566.002’, ‘T1598.003’, ‘T1528’, ‘T1573.001’, ‘T1221’, ‘T1070.006’, ‘T1134.001’, ‘T1588.002’, ‘T1199’, ‘T1078’, ‘T1595.002’, ‘T1071.001’, ‘T1583.006’, ‘T1505.003’, ‘T1059.003’]
MISP event uuid: acb7fb38-d448-4087-820d-bd8c93156ccc
Indicators of Compromise (IoCs)
type,value,comment
Full IoCs are available in Rectifyq's MISP.