BlackOasis

BlackOasis is a Middle Eastern threat group that is believed to be a customer of Gamma Group. The group has shown interest in prominent figures in the United Nations, as well as opposition bloggers, activists, regional news correspondents, and think tanks. [1] [2] A group known by Microsoft as NEODYMIUM is reportedly associated closely with BlackOasis operations, but evidence that the group names are aliases has not been identified. [3]

ID: G0063
Aliases: BlackOasis
Version: 1.0

Alias Descriptions

Name: BlackOasis
Description: [1] [2]

Techniques Used

Domain: Enterprise
ID: T1027
Name: Obfuscated Files or Information
Use: BlackOasis's first stage shellcode contains a NOP sled with alternative instructions that was likely designed to bypass antivirus tools. [1]

References