S0044 JHUHUGIT

Description

[JHUHUGIT](https://attack.mitre.org/software/S0044) is malware used by [APT28](https://attack.mitre.org/groups/G0007). It is based on Carberp source code and serves as reconnaissance malware. (Citation: Kaspersky Sofacy) (Citation: F-Secure Sofacy 2015) (Citation: ESET Sednit Part 1) (Citation: FireEye APT28 January 2017)

Platforms · 1

Windows

Attributed to · 1

| Type | Target | Confidence | Tier |
|---|---|---|---|
| Group | APT28 (g0007) | 100% | live |

References

  1. https://attack.mitre.org/software/S0044
  2. https://securelist.com/sofacy-apt-hits-high-profile-targets-with-updated-toolset/72924/
  3. https://labsblog.f-secure.com/2015/09/08/sofacy-recycles-carberp-and-metasploit-code/
  4. http://www.welivesecurity.com/wp-content/uploads/2016/10/eset-sednit-part1.pdf
  5. https://www2.fireeye.com/rs/848-DID-242/images/APT28-Center-of-Storm-2017.pdf
  6. https://www.symantec.com/blogs/election-security/apt28-espionage-military-government
  7. https://blog.talosintelligence.com/2017/10/cyber-conflict-decoy-document.html
  8. https://researchcenter.paloaltonetworks.com/2018/02/unit42-sofacy-attacks-multiple-government-entities/

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. Software: Carberp
  2. Software: ShimRat
  3. Software: CozyCar
  4. Software: Carbanak
  5. Software: Azorult
  6. Software: AutoIt backdoor

Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.