S0679Windows

S0679Ferocious

Platforms
1
ATT&CK
14.1
References
2

Description

[Ferocious](https://attack.mitre.org/software/S0679) is a first stage implant composed of VBS and PowerShell scripts that has been used by [WIRTE](https://attack.mitre.org/groups/G0090) since at least 2021.(Citation: Kaspersky WIRTE November 2021) Documented platforms: Windows. Attributed to ATT&CK group: WIRTE. Catalogued in ATT&CK 14.1. 2 references curated.

Platforms· 1

Windows

Attributed to1

TypeTargetConfidenceTier
GroupWIRTEg009095%live

References

  1. https://attack.mitre.org/software/S0679
  2. https://securelist.com/wirtes-campaign-in-the-middle-east-living-off-the-land-since-at-least-2019/105044

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
Explosive
Software
Sibot
Software
Felismus
Software
FoggyWeb
Software
LitePower
Software
KOCTOPUS
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.