{
    "type": "bundle",
    "id": "bundle--1350a4ee-203c-45a2-9d87-a7432f2337fb",
    "spec_version": "2.0",
    "objects": [
        {
            "aliases": [
                "Strider",
                "ProjectSauron"
            ],
            "x_mitre_domains": [
                "enterprise-attack"
            ],
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
            "id": "intrusion-set--277d2f87-2ae5-4730-a3aa-50c1fdff9656",
            "type": "intrusion-set",
            "created": "2017-05-31T21:32:07.541Z",
            "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "external_references": [
                {
                    "source_name": "mitre-attack",
                    "url": "https://attack.mitre.org/groups/G0041",
                    "external_id": "G0041"
                },
                {
                    "source_name": "Strider",
                    "description": "(Citation: Symantec Strider Blog) (Citation: Kaspersky ProjectSauron Blog)"
                },
                {
                    "source_name": "ProjectSauron",
                    "description": "ProjectSauron is used to refer both to the threat group also known as G0041 as well as the malware platform also known as S0125. (Citation: Kaspersky ProjectSauron Blog) (Citation: Kaspersky ProjectSauron Full Report)"
                },
                {
                    "source_name": "Symantec Strider Blog",
                    "description": "Symantec Security Response. (2016, August 7). Strider: Cyberespionage group turns eye of Sauron on targets. Retrieved August 17, 2016.",
                    "url": "http://www.symantec.com/connect/blogs/strider-cyberespionage-group-turns-eye-sauron-targets"
                },
                {
                    "source_name": "Kaspersky ProjectSauron Blog",
                    "description": "Kaspersky Lab's Global Research & Analysis Team. (2016, August 8). ProjectSauron: top level cyber-espionage platform covertly extracts encrypted government comms. Retrieved August 17, 2016.",
                    "url": "https://securelist.com/faq-the-projectsauron-apt/75533/"
                },
                {
                    "source_name": "Kaspersky ProjectSauron Full Report",
                    "description": "Kaspersky Lab's Global Research & Analysis Team. (2016, August 9). The ProjectSauron APT. Retrieved August 17, 2016.",
                    "url": "https://securelist.com/files/2016/07/The-ProjectSauron-APT_research_KL.pdf"
                }
            ],
            "modified": "2020-06-29T01:43:19.374Z",
            "name": "Strider",
            "description": "[Strider](https://attack.mitre.org/groups/G0041) is a threat group that has been active since at least 2011 and has targeted victims in Russia, China, Sweden, Belgium, Iran, and Rwanda.(Citation: Symantec Strider Blog)(Citation: Kaspersky ProjectSauron Blog)",
            "x_mitre_version": "1.1",
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5"
        }
    ]
}