Skip to content

Hide Navigation Hide TOC

OLDBAIT - S0138 (2dd34b01-6110-4aac-835d-b5e7b936b0be)

OLDBAIT is a credential harvester used by APT28. (Citation: FireEye APT28) (Citation: FireEye APT28 January 2017)

Cluster A Galaxy A Cluster B Galaxy B Level
OLDBAIT - S0138 (2dd34b01-6110-4aac-835d-b5e7b936b0be) Malware Credentials from Password Stores - T1555 (3fc9b85a-2862-4363-a64d-d692e3ffbee0) Attack Pattern 1
Credentials from Web Browsers - T1555.003 (58a3e6aa-4453-4cc8-a51f-4befe80b31a8) Attack Pattern OLDBAIT - S0138 (2dd34b01-6110-4aac-835d-b5e7b936b0be) Malware 1
OLDBAIT (6d1e2736-d363-49aa-9054-9c9e4ac0c520) Tool OLDBAIT - S0138 (2dd34b01-6110-4aac-835d-b5e7b936b0be) Malware 1
Mail Protocols - T1071.003 (54b4c251-1f0e-4eba-ba6b-dbc7a6f6f06b) Attack Pattern OLDBAIT - S0138 (2dd34b01-6110-4aac-835d-b5e7b936b0be) Malware 1
Match Legitimate Name or Location - T1036.005 (1c4e5d32-1fe9-4116-9d9d-59e3925bd6a2) Attack Pattern OLDBAIT - S0138 (2dd34b01-6110-4aac-835d-b5e7b936b0be) Malware 1
OLDBAIT - S0138 (2dd34b01-6110-4aac-835d-b5e7b936b0be) Malware Web Protocols - T1071.001 (df8b2a25-8bdf-4856-953c-a04372b1c161) Attack Pattern 1
Obfuscated Files or Information - T1027 (b3d682b6-98f2-4fb0-aa3b-b4df007ca70a) Attack Pattern OLDBAIT - S0138 (2dd34b01-6110-4aac-835d-b5e7b936b0be) Malware 1
Credentials from Web Browsers - T1555.003 (58a3e6aa-4453-4cc8-a51f-4befe80b31a8) Attack Pattern Credentials from Password Stores - T1555 (3fc9b85a-2862-4363-a64d-d692e3ffbee0) Attack Pattern 2
OLDBAIT (6d1e2736-d363-49aa-9054-9c9e4ac0c520) Tool OLDBAIT (b79a6b61-f122-4823-a4ab-bbab89fcaf75) Malpedia 2
Application Layer Protocol - T1071 (355be19c-ffc9-46d5-8d50-d6a036c675b6) Attack Pattern Mail Protocols - T1071.003 (54b4c251-1f0e-4eba-ba6b-dbc7a6f6f06b) Attack Pattern 2
Masquerading - T1036 (42e8de7b-37b2-4258-905a-6897815e58e0) Attack Pattern Match Legitimate Name or Location - T1036.005 (1c4e5d32-1fe9-4116-9d9d-59e3925bd6a2) Attack Pattern 2
Application Layer Protocol - T1071 (355be19c-ffc9-46d5-8d50-d6a036c675b6) Attack Pattern Web Protocols - T1071.001 (df8b2a25-8bdf-4856-953c-a04372b1c161) Attack Pattern 2