G0043

G0043Group5

Description

[Group5](https://attack.mitre.org/groups/G0043) is a threat group with a suspected Iranian nexus, though this attribution is not definite. The group has targeted individuals connected to the Syrian opposition via spearphishing and watering holes, normally using Syrian and Iranian themes. [Group5](https://attack.mitre.org/groups/G0043) has used two commonly available remote access tools (RATs), [njRAT](https://attack.mitre.org/software/S0385) and [NanoCore](https://attack.mitre.org/software/S0336), as well as an Android RAT, DroidJack. (Citation: Citizen Lab Group5)

References

  1. https://attack.mitre.org/groups/G0043
  2. https://citizenlab.ca/2016/08/group5-syria/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
TA455
Group
OilRig
Group
APT33
Group
TA505
Actor
APT42
Actor
APT43
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.