OnionDuke - S0052 (b136d088-a829-432c-ac26-5529c26d4c7e)

OnionDuke is malware that was used by APT29 from 2013 to 2015. (Citation: F-Secure The Dukes)

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Endpoint Denial of Service - T1499 (c675646d-e204-4aa8-978d-e3d6d65885c4) | Attack Pattern | OnionDuke - S0052 (b136d088-a829-432c-ac26-5529c26d4c7e) | Malware | 1 |
| Deobfuscate/Decode Files or Information - T1140 (3ccef7ae-cb5e-48f6-8302-897105fbf55c) | Attack Pattern | OnionDuke - S0052 (b136d088-a829-432c-ac26-5529c26d4c7e) | Malware | 1 |
| OnionDuke (abd10caa-7d4c-4c22-8dae-8d32f13232d7) | Malpedia | OnionDuke - S0052 (b136d088-a829-432c-ac26-5529c26d4c7e) | Malware | 1 |
| OnionDuke - S0052 (b136d088-a829-432c-ac26-5529c26d4c7e) | Malware | One-Way Communication - T1102.003 (9c99724c-a483-4d60-ad9d-7f004e42e8e8) | Attack Pattern | 1 |
| OnionDuke - S0052 (b136d088-a829-432c-ac26-5529c26d4c7e) | Malware | Web Protocols - T1071.001 (df8b2a25-8bdf-4856-953c-a04372b1c161) | Attack Pattern | 1 |
| OnionDuke - S0052 (b136d088-a829-432c-ac26-5529c26d4c7e) | Malware | OS Credential Dumping - T1003 (0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22) | Attack Pattern | 1 |
| Web Service - T1102 (830c9528-df21-472c-8c14-a036bf17d665) | Attack Pattern | One-Way Communication - T1102.003 (9c99724c-a483-4d60-ad9d-7f004e42e8e8) | Attack Pattern | 2 |
| Application Layer Protocol - T1071 (355be19c-ffc9-46d5-8d50-d6a036c675b6) | Attack Pattern | Web Protocols - T1071.001 (df8b2a25-8bdf-4856-953c-a04372b1c161) | Attack Pattern | 2 |