🇷🇺
BuhTrap
APT Group
Financial crime
ETDA ✓
Also Known As
No alias recorded
Target Countries 3
Croatia
Ukraine
United States
Sectors Targeted
Details
Origin
🇷🇺 RU
Last Updated
01 Jun 2022
MITRE ATT&CK 26
T1027 - Obfuscated Files or Information
T1033 - System Owner/User Discovery
T1059.001 - PowerShell
T1059.003 - Windows Command Shell
T1059.007 - JavaScript
T1070.003 - Clear Command History
T1071.001 - Web Protocols
T1078 - Valid Accounts
T1078.001 - Default Accounts
T1082 - System Information Discovery
T1095 - Non-Application Layer Protocol
T1105 - Ingress Tool Transfer
T1106 - Native API
T1140 - Deobfuscate/Decode Files or Information
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link
T1204.002 - Malicious File
T1218.005 - Mshta
T1547 - Boot or Logon Autostart Execution
T1547.001 - Registry Run Keys / Startup Folder
T1564.003 - Hidden Window
T1566.001 - Spearphishing Attachment
T1566.002 - Spearphishing Link
T1583.001 - Domains
T1583.006 - Web Services
T1598.003 - Spearphishing Link