cti-ATT-CK-v13.1/ics-attack/malware/malware--ff6840c9-4c87-4d07-bbb6-9f50aa33d498.json

{
    "type": "bundle",
    "id": "bundle--5fbee592-38c2-4db0-bf1f-a0438fa93c97",
    "spec_version": "2.0",
    "objects": [
        {
            "modified": "2022-10-12T17:51:18.408Z",
            "name": "Flame",
            "description": "[Flame](https://attack.mitre.org/software/S0143) is a sophisticated toolkit that has been used to collect information since at least 2010, largely targeting Middle East countries. (Citation: Kaspersky Flame)",
            "x_mitre_platforms": [
                "Windows"
            ],
            "x_mitre_deprecated": false,
            "x_mitre_domains": [
                "enterprise-attack",
                "ics-attack"
            ],
            "x_mitre_version": "1.1",
            "x_mitre_aliases": [
                "Flame",
                "Flamer",
                "sKyWIper"
            ],
            "type": "malware",
            "id": "malware--ff6840c9-4c87-4d07-bbb6-9f50aa33d498",
            "created": "2017-05-31T21:33:21.973Z",
            "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "revoked": false,
            "external_references": [
                {
                    "source_name": "mitre-attack",
                    "url": "https://attack.mitre.org/software/S0143",
                    "external_id": "S0143"
                },
                {
                    "source_name": "Flame",
                    "description": "(Citation: Kaspersky Flame)"
                },
                {
                    "source_name": "sKyWIper",
                    "description": "(Citation: Kaspersky Flame) (Citation: Crysys Skywiper)"
                },
                {
                    "source_name": "Flamer",
                    "description": "(Citation: Kaspersky Flame) (Citation: Symantec Beetlejuice)"
                },
                {
                    "source_name": "Kaspersky Flame",
                    "description": "Gostev, A. (2012, May 28). The Flame: Questions and Answers. Retrieved March 1, 2017.",
                    "url": "https://securelist.com/the-flame-questions-and-answers-51/34344/"
                },
                {
                    "source_name": "Crysys Skywiper",
                    "description": "sKyWIper Analysis Team. (2012, May 31). sKyWIper (a.k.a. Flame a.k.a. Flamer):  A complex malware for targeted attacks. Retrieved September 6, 2018.",
                    "url": "https://www.crysys.hu/publications/files/skywiper.pdf"
                },
                {
                    "source_name": "Symantec Beetlejuice",
                    "description": "Symantec Security Response. (2012, May 31). Flamer: A Recipe for Bluetoothache. Retrieved February 25, 2017.",
                    "url": "https://www.symantec.com/connect/blogs/flamer-recipe-bluetoothache"
                }
            ],
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
            "labels": [
                "malware"
            ],
            "x_mitre_attack_spec_version": "2.1.0",
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5"
        }
    ]
}