S0579 · Windows

S0579 Waterbear

Platforms: 1 · ATT&CK: 14.1 · References: 2

Description

[Waterbear](https://attack.mitre.org/software/S0579) is modular malware attributed to [BlackTech](https://attack.mitre.org/groups/G0098) that has been used primarily for lateral movement, decrypting, and triggering payloads, and is capable of hiding network behaviors. (Citation: Trend Micro Waterbear December 2019)

Platforms · 1

Windows

Attributed to · 1

| Type | Target | Confidence | Tier |
|---|---|---|---|
| Group | BlackTech (g0098) | 100% | live |

References

  1. https://attack.mitre.org/software/S0579
  2. https://www.trendmicro.com/en_us/research/19/l/waterbear-is-back-uses-api-hooking-to-evade-security-product-detection.html

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  - Software: BendyBear
  - Software: BLACKCOFFEE
  - Software: MechaFlounder
  - Software: EVILNUM
  - Software: BlackEnergy
  - Software: Sibot

Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.