🇷🇺

MALLARD SPIDER

APT Group | Financial gain | Financial crime | 2 zero-day CVEs | ETDA ✓

Also Known As (9 names)

QBot, Gold Lagoon, Quakbot, TA570, QakBot, GOLD LAGOON, DEV-0450, Mallard Spider, PinkSlip

Target Countries

No target country recorded

Sectors Targeted

No targeted sector recorded

Details

Origin: 🇷🇺 RU
Last Updated: 01 Jun 2022

MITRE ATT&CK (43)

T1001 - Data Obfuscation
T1016 - System Network Configuration Discovery
T1027 - Obfuscated Files or Information
T1055 - Process Injection
T1059 - Command and Scripting Interpreter
T1059.002 - AppleScript
T1059.007 - JavaScript
T1060 - Registry Run Keys / Startup Folder
T1063 - Security Software Discovery
T1068 - Exploitation for Privilege Escalation
T1071 - Application Layer Protocol
T1071.001 - Web Protocols
T1071.002 - File Transfer Protocols
T1071.003 - Mail Protocols
T1071.004 - DNS
T1078
T1083 - File and Directory Discovery
T1105 - Ingress Tool Transfer
T1114 - Email Collection
T1132 - Data Encoding
T1140 - Deobfuscate/Decode Files or Information
T1155 - AppleScript
T1176 - Browser Extensions
T1190 - Exploit Public-Facing Application
T1204.002
T1210 - Exploitation of Remote Services
T1211 - Exploitation for Defense Evasion
T1412 - Capture SMS Messages
T1449 - Exploit SS7 to Redirect Phone Calls/SMS
T1450 - Exploit SS7 to Track Device Location
T1454 - Malicious SMS Message
T1496 - Resource Hijacking
T1497 - Virtualization/Sandbox Evasion
T1498 - Network Denial of Service
T1505.001 - SQL Stored Procedures
T1560 - Archive Collected Data
T1562.003 - Impair Command History Logging
T1566.001
T1573 - Encrypted Channel
T1574 - Hijack Execution Flow
T1583.005 - Botnet
TA0011 - Command and Control
TA0029 - Privilege Escalation