S0533 SLOTHFULMEDIA

Description

[SLOTHFULMEDIA](https://attack.mitre.org/software/S0533) is a remote access Trojan written in C++ that has been used by an unidentified "sophisticated cyber actor" since at least January 2017.(Citation: CISA MAR SLOTHFULMEDIA October 2020)(Citation: Costin Raiu IAmTheKing October 2020) It has been used to target government organizations, defense contractors, universities, and energy companies in Russia, India, Kazakhstan, Kyrgyzstan, Malaysia, Ukraine, and Eastern Europe.(Citation: USCYBERCOM SLOTHFULMEDIA October 2020)(Citation: Kaspersky IAmTheKing October 2020) In October 2020, Kaspersky Labs assessed [SLOTHFULMEDIA](https://attack.mitre.org/software/S0533) is part of an activity cluster it refers to as "IAmTheKing".(Citation: Kaspersky IAmTheKing October 2020) ESET also noted code similarity between [SLOTHFULMEDIA](https://attack.mitre.org/software/S0533) and droppers used by a group it refers to as "PowerPool".(Citation: ESET PowerPool Code October 2020)

Platforms

Windows

References

  1. https://attack.mitre.org/software/S0533
  2. https://us-cert.cisa.gov/ncas/analysis-reports/ar20-275a
  3. https://twitter.com/craiu/status/1311920398259367942
  4. https://twitter.com/CNMF_CyberAlert/status/1311743710997159953
  5. https://securelist.com/iamtheking-and-the-slothfulmedia-malware-family/99000/
  6. https://twitter.com/ESETresearch/status/1311762215490461696

Related by meaning

Nearest entities by semantic similarity across the cs-graph corpus.

Software: BLINDINGCAN
Software: PingPull
Software: ECCENTRICBANDWAGON
Software: FatDuke
Software: Octopus
Software: EVILNUM

Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.