S0229Windows

S0229Orz

Platforms
1
ATT&CK
14.1
References
3

Description

[Orz](https://attack.mitre.org/software/S0229) is a custom JavaScript backdoor used by [Leviathan](https://attack.mitre.org/groups/G0065). It was observed being used in 2014 as well as in August 2017 when it was dropped by Microsoft Publisher files. (Citation: Proofpoint Leviathan Oct 2017) (Citation: FireEye Periscope March 2018)

Platforms· 1

Windows

References

  1. https://attack.mitre.org/software/S0229
  2. https://www.proofpoint.com/us/threat-insight/post/leviathan-espionage-actor-spearphishes-maritime-and-defense-targets
  3. https://www.fireeye.com/blog/threat-research/2018/03/suspected-chinese-espionage-group-targeting-maritime-and-engineering-industries.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
NanHaiShu
Software
AutoIt backdoor
Software
Okrum
Software
Zebrocy
Software
ZeroT
Software
PowerDuke
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.