Skip to content

Hide Navigation Hide TOC

QuietSieve - S0686 (03eb4a05-6a02-43f6-afb7-3c7835501828)

QuietSieve is an information stealer that has been used by Gamaredon Group since at least 2021.(Citation: Microsoft Actinium February 2022)

Cluster A Galaxy A Cluster B Galaxy B Level
QuietSieve - S0686 (03eb4a05-6a02-43f6-afb7-3c7835501828) Malware Network Share Discovery - T1135 (3489cfc5-640f-4bb3-a103-9137b97de79f) Attack Pattern 1
QuietSieve - S0686 (03eb4a05-6a02-43f6-afb7-3c7835501828) Malware Web Protocols - T1071.001 (df8b2a25-8bdf-4856-953c-a04372b1c161) Attack Pattern 1
QuietSieve - S0686 (03eb4a05-6a02-43f6-afb7-3c7835501828) Malware Internet Connection Discovery - T1016.001 (132d5b37-aac5-4378-a8dc-3127b18a73dc) Attack Pattern 1
QuietSieve - S0686 (03eb4a05-6a02-43f6-afb7-3c7835501828) Malware File and Directory Discovery - T1083 (7bc57495-ea59-4380-be31-a64af124ef18) Attack Pattern 1
QuietSieve - S0686 (03eb4a05-6a02-43f6-afb7-3c7835501828) Malware Ingress Tool Transfer - T1105 (e6919abc-99f9-4c6c-95a5-14761e7b2add) Attack Pattern 1
QuietSieve - S0686 (03eb4a05-6a02-43f6-afb7-3c7835501828) Malware Screen Capture - T1113 (0259baeb-9f63-4c69-bf10-eb038c390688) Attack Pattern 1
QuietSieve - S0686 (03eb4a05-6a02-43f6-afb7-3c7835501828) Malware Hidden Window - T1564.003 (cbb66055-0325-4111-aca0-40547b6ad5b0) Attack Pattern 1
QuietSieve - S0686 (03eb4a05-6a02-43f6-afb7-3c7835501828) Malware Peripheral Device Discovery - T1120 (348f1eef-964b-4eb6-bb53-69b3dcb0c643) Attack Pattern 1
QuietSieve - S0686 (03eb4a05-6a02-43f6-afb7-3c7835501828) Malware Data from Local System - T1005 (3c4a2599-71ee-4405-ba1e-0e28414b4bc5) Attack Pattern 1
Application Layer Protocol - T1071 (355be19c-ffc9-46d5-8d50-d6a036c675b6) Attack Pattern Web Protocols - T1071.001 (df8b2a25-8bdf-4856-953c-a04372b1c161) Attack Pattern 2
System Network Configuration Discovery - T1016 (707399d6-ab3e-4963-9315-d9d3818cd6a0) Attack Pattern Internet Connection Discovery - T1016.001 (132d5b37-aac5-4378-a8dc-3127b18a73dc) Attack Pattern 2
Hide Artifacts - T1564 (22905430-4901-4c2a-84f6-98243cb173f8) Attack Pattern Hidden Window - T1564.003 (cbb66055-0325-4111-aca0-40547b6ad5b0) Attack Pattern 2