Gamaredon

MITRE G0047
Reports
6
First seen
Oct 1
Last seen
Jun 25
Motivation
espionage, cyberespionage, espionage and disruption of Ukraine

Targeting

Sectors
government ×4
Victim regions
Ukraine ×4

Top ATT&CK techniques

T1566 Phishing ×5T1005 Data from Local System ×3T1041 Exfiltration Over C2 Channel ×3T1598 Phishing for Information ×2T1557 Adversary-in-the-Middle ×2T1059.005 Command and Scripting Interpreter: Visual Basic ×2T1566.001 Phishing: Spearphishing Attachment ×2T1567.002 Exfiltration Over Web Service: Exfiltration to Cloud Storage ×2T1105 Ingress Tool Transfer ×2T1190 Exploit Public-Facing Application ×2T1071.001 Application Layer Protocol: Web Protocols ×2T1059.001 PowerShell ×2

Indicators

domain ×17cve ×12filename ×1

Indicator values are available on Pro and via the API.

Associated CVEs

Recent reports

This page shows data on a 7-day delay. Free accounts get the full delayed feed; real-time reports, indicators, and the API start at $29/mo.