S0045 ADVSTORESHELL

Platforms: 1 | ATT&CK: 14.1 | References: 3

Description

[ADVSTORESHELL](https://attack.mitre.org/software/S0045) is a spying backdoor that has been used by [APT28](https://attack.mitre.org/groups/G0007) from at least 2012 to 2016. It is generally used for long-term espionage and is deployed on targets deemed interesting after a reconnaissance phase. (Citation: Kaspersky Sofacy) (Citation: ESET Sednit Part 2)

Platforms · 1

Windows

Attributed to · 1

| Type | Target | Confidence | Tier |
|------|--------|------------|------|
| Group | APT28 (g0007) | 100% | live |

References

  1. https://attack.mitre.org/software/S0045
  2. https://securelist.com/sofacy-apt-hits-high-profile-targets-with-updated-toolset/72924/
  3. http://www.welivesecurity.com/wp-content/uploads/2016/10/eset-sednit-part-2.pdf

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. POSHSPY (Software)
  2. HAMMERTOSS (Software)
  3. CozyCar (Software)
  4. EVILNUM (Software)
  5. RDAT (Software)
  6. USBStealer (Software)

Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.