S0448Windows

S0448Rising Sun

Platforms
1
ATT&CK
14.1
References
2

Description

[Rising Sun](https://attack.mitre.org/software/S0448) is a modular backdoor that was used extensively in [Operation Sharpshooter](https://attack.mitre.org/campaigns/C0013) between 2017 and 2019. [Rising Sun](https://attack.mitre.org/software/S0448) infected at least 87 organizations around the world, including nuclear, defense, energy, and financial service companies. Security researchers assessed [Rising Sun](https://attack.mitre.org/software/S0448) included some source code from [Lazarus Group](https://attack.mitre.org/groups/G0032)'s Trojan Duuzer.(Citation: McAfee Sharpshooter December 2018)

Platforms· 1

Windows

Attributed to1

TypeTargetConfidenceTier
GroupLazarus Groupg0032100%live

References

  1. https://attack.mitre.org/software/S0448
  2. https://www.mcafee.com/enterprise/en-us/assets/reports/rp-operation-sharpshooter.pdf

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
Operation Sharpshooter
Software
ShadowPad
Software
RDAT
Software
SUPERNOVA
Software
GoldMax
Software
Gold Dragon
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.