SYMBOLCOMMON_NAMEaka. SYNONYMS
win.gramdoor (Back to overview)

GRAMDOOR

aka: Small Sieve

Actor(s): MuddyWater

There is no description at this point.

References
2022-02-25infoRisk TODAYPrajeet Nair
@online{nair:20220225:muddywater:62fb30e, author = {Prajeet Nair}, title = {{MuddyWater Targets Critical Infrastructure in Asia, Europe}}, date = {2022-02-25}, organization = {infoRisk TODAY}, url = {https://www.inforisktoday.com/muddywater-targets-critical-infrastructure-in-asia-europe-a-18611}, language = {English}, urldate = {2022-03-04} } MuddyWater Targets Critical Infrastructure in Asia, Europe
POWERSTATS PowGoop STARWHALE GRAMDOOR MoriAgent
2022-02-24FBI, CISA, CNMF, NCSC UK, NSA
@techreport{fbi:20220224:iranian:9117e42, author = {FBI and CISA and CNMF and NCSC UK and NSA}, title = {{Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks}}, date = {2022-02-24}, institution = {}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-055A_Iranian_Government-Sponsored_Actors_Conduct_Cyber_Operations.pdf}, language = {English}, urldate = {2022-03-01} } Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks
POWERSTATS PowGoop GRAMDOOR MoriAgent
2022-02-24MandiantRyan Tomcik, Emiel Haeghebaert, Tufail Ahmed
@online{tomcik:20220224:left:dfe77e0, author = {Ryan Tomcik and Emiel Haeghebaert and Tufail Ahmed}, title = {{Left On Read: Telegram Malware Spotted in Latest Iranian Cyber Espionage Activity}}, date = {2022-02-24}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/telegram-malware-iranian-espionage}, language = {English}, urldate = {2022-03-01} } Left On Read: Telegram Malware Spotted in Latest Iranian Cyber Espionage Activity
STARWHALE GRAMDOOR

There is no Yara-Signature yet.