SYMBOLCOMMON_NAMEaka. SYNONYMS

Silent Chollima  (Back to overview)

aka: OperationTroy, Guardian of Peace, GOP, WHOis Team, Andariel, Subgroup: Andariel


Associated Families
win.sharpknot win.unidentified_082 win.unidentified_081 win.tiger_rat

References
2021-09-02KrCertKrCERT
@techreport{krcert:20210902:ttps6:3198c89, author = {KrCERT}, title = {{TTPs#6 Targeted Watering Hole Attack Strategy Analysis (SILENT CHOLLIMA)}}, date = {2021-09-02}, institution = {KrCert}, url = {https://www.krcert.or.kr/filedownload.do?attach_file_seq=3277&attach_file_id=EpF3277.pdf}, language = {Korean}, urldate = {2021-09-09} } TTPs#6 Targeted Watering Hole Attack Strategy Analysis (SILENT CHOLLIMA)
Tiger RAT
2021-07-15BrightTALKMathieu Gaucheler, Ariel Jungheit, Kaspersky, Vicente Diaz
@online{gaucheler:20210715:visual:79b00a1, author = {Mathieu Gaucheler and Ariel Jungheit and Kaspersky and Vicente Diaz}, title = {{Visual investigations - Speed up your IR, Forensic Analysis and Hunting}}, date = {2021-07-15}, organization = {BrightTALK}, url = {https://www.brighttalk.com/webcast/18282/493986}, language = {English}, urldate = {2021-07-20} } Visual investigations - Speed up your IR, Forensic Analysis and Hunting
Unidentified 082
2021-06-15KasperskySeongsu Park
@online{park:20210615:andariel:1e000a0, author = {Seongsu Park}, title = {{Andariel evolves to target South Korea with ransomware}}, date = {2021-06-15}, organization = {Kaspersky}, url = {https://securelist.com/andariel-evolves-to-target-south-korea-with-ransomware/102811/}, language = {English}, urldate = {2021-06-29} } Andariel evolves to target South Korea with ransomware
BISTROMATH PEBBLEDASH Unidentified 081 (Andariel Ransomware) Unidentified 082
2018-03-09NCCICNCCIC
@techreport{nccic:20180309:malware:191ad79, author = {NCCIC}, title = {{Malware Analysis Report Sharpknot}}, date = {2018-03-09}, institution = {NCCIC}, url = {https://www.us-cert.gov/sites/default/files/publications/MAR-10135536.11.WHITE.pdf}, language = {English}, urldate = {2019-11-25} } Malware Analysis Report Sharpknot
SHARPKNOT
2014-02-24RSA ConferenceDmitri Alperovitch
@techreport{alperovitch:20140224:art:df5650c, author = {Dmitri Alperovitch}, title = {{The Art of Attribution Identifying and Pursuing your Cyber Adversaries}}, date = {2014-02-24}, institution = {RSA Conference}, url = {https://docs.huihoo.com/rsaconference/usa-2014/anf-t07b-the-art-of-attribution-identifying-and-pursuing-your-cyber-adversaries-final.pdf}, language = {English}, urldate = {2020-04-06} } The Art of Attribution Identifying and Pursuing your Cyber Adversaries
ANDROMEDA SPIDER DEXTOROUS SPIDER Shell Crew Silent Chollima SINGING SPIDER Tonto Team Toxic Panda UNION SPIDER
2013-04-02Eric Romang
@online{romang:20130402:dark:20ae252, author = {Eric Romang}, title = {{Dark South Korea Total War Review}}, date = {2013-04-02}, url = {https://eromang.zataz.com/tag/agentbase-exe/}, language = {English}, urldate = {2019-11-21} } Dark South Korea Total War Review
SHARPKNOT

Credits: MISP Project