SYMBOLCOMMON_NAMEaka. SYNONYMS
ps1.quadagent (Back to overview)

QUADAGENT

Actor(s): APT34

There is no description at this point.

References
2020-07-13FireEyeAndrew Thompson, Aaron Stephens
@online{thompson:20200713:scandalous:15d59a2, author = {Andrew Thompson and Aaron Stephens}, title = {{SCANdalous! (External Detection Using Network Scan Data and Automation)}}, date = {2020-07-13}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2020/07/scandalous-external-detection-using-network-scan-data-and-automation.html}, language = {English}, urldate = {2020-07-15} } SCANdalous! (External Detection Using Network Scan Data and Automation)
POWERTON QUADAGENT PoshC2
2020-01-17FireEyeFireEye
@online{fireeye:20200117:state:c000016, author = {FireEye}, title = {{State of the Hack: Spotlight Iran - from Cain & Abel to full SANDSPY}}, date = {2020-01-17}, organization = {FireEye}, url = {https://youtu.be/pBDu8EGWRC4?t=2492}, language = {English}, urldate = {2020-09-18} } State of the Hack: Spotlight Iran - from Cain & Abel to full SANDSPY
QUADAGENT Fox Kitten
2019-11-20ClearSkyClearSky Cyber Security
@online{security:20191120:muddywater:5c4adfd, author = {ClearSky Cyber Security}, title = {{MuddyWater Uses New Attack Methods in a Recent Attack Wave}}, date = {2019-11-20}, organization = {ClearSky}, url = {https://docs.google.com/document/d/1oYX3uN6KxIX_StzTH0s0yFNNoHDnV8VgmVqU5WoeErc/edit#heading=h.ez428aw98bca}, language = {English}, urldate = {2019-12-16} } MuddyWater Uses New Attack Methods in a Recent Attack Wave
QUADAGENT RogueRobin
2019-08-22CywareCyware
@online{cyware:20190822:apt34:3439fde, author = {Cyware}, title = {{APT34: The Helix Kitten Cybercriminal Group Loves to Meow Middle Eastern and International Organizations}}, date = {2019-08-22}, organization = {Cyware}, url = {https://cyware.com/blog/apt34-the-helix-kitten-cybercriminal-group-loves-to-meow-middle-eastern-and-international-organizations-48ae}, language = {English}, urldate = {2021-06-29} } APT34: The Helix Kitten Cybercriminal Group Loves to Meow Middle Eastern and International Organizations
TwoFace BONDUPDATER POWRUNER QUADAGENT Helminth ISMAgent Karkoff LONGWATCH OopsIE PICKPOCKET RGDoor VALUEVAULT
2019-04-16Robert Falcone
@online{falcone:20190416:dns:fed953e, author = {Robert Falcone}, title = {{DNS Tunneling in the Wild: Overview of OilRig’s DNS Tunneling}}, date = {2019-04-16}, url = {https://unit42.paloaltonetworks.com/dns-tunneling-in-the-wild-overview-of-oilrigs-dns-tunneling/}, language = {English}, urldate = {2019-12-03} } DNS Tunneling in the Wild: Overview of OilRig’s DNS Tunneling
BONDUPDATER QUADAGENT Alma Communicator Helminth ISMAgent

There is no Yara-Signature yet.