Equation

Also known as: Equation

Equation is a sophisticated threat group that employs multiple remote access tools. The group is known to use zero-day exploits and has developed the capability to overwrite the firmware of hard disk drives. Kaspersky Equation QA

🧭 ATT&CK G0020

Introduction

Activities and Tactics

Information pending cataloguing.

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

ATT&CK technique IDs (denormalized)

Notable Indicators of Compromise (IOCs)

No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.

Malware and Tools

RemoteCMD:
CyberGate:
Cyber Eye RAT:
Remote Utilities:
RemotePC:
Xploit:

Attribution and Evidence

Information pending cataloguing.

References

[1] mitre-attack [3] Kaspersky Equation QA Kaspersky Lab’s Global Research and Analysis Team. (2015, February). Equation Group: Questions and Answers. Retrieved December 21, 2015.

Source Attribution

Structured source: MISP Galaxy

View ATT&CK group profile

Additional source provenance

misp galaxy Dataset
mitre Dataset

Source and license policy

🔍 Quick Filters

Top Countries

Risk Distribution

High

161

Critical

Low

Medium

Introduction

Activities and Tactics

Notable Campaigns

Tactics, Techniques, and Procedures (TTPs)

ATT&CK technique IDs (denormalized)

Notable Indicators of Compromise (IOCs)

Malware and Tools

Attribution and Evidence

References

Clickable IOC Blocks