S0139Windows

S0139PowerDuke

Platforms
1
ATT&CK
14.1
References
2

Description

[PowerDuke](https://attack.mitre.org/software/S0139) is a backdoor that was used by [APT29](https://attack.mitre.org/groups/G0016) in 2016. It has primarily been delivered through Microsoft Word or Excel attachments containing malicious macros. (Citation: Volexity PowerDuke November 2016) Documented platforms: Windows. Attributed to ATT&CK group: APT29. Catalogued in ATT&CK 14.1. 2 references curated.

Platforms· 1

Windows

Attributed to1

TypeTargetConfidenceTier
GroupAPT29g0016100%live

References

  1. https://attack.mitre.org/software/S0139
  2. https://www.volexity.com/blog/2016/11/09/powerduke-post-election-spear-phishing-campaigns-targeting-think-tanks-and-ngos/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
GeminiDuke
Software
FatDuke
Software
SeaDuke
Software
MiniDuke
Software
PinchDuke
Software
LiteDuke
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.