Group5

MISP
Type:
Unknown
Country:
Unknown
First seen:
Unknown
Details:

[Group5](https://attack.mitre.org/groups/G0043) is a threat group with a suspected Iranian nexus, though this attribution is not definite. The group has targeted individuals connected to the Syrian opposition via spearphishing and watering holes, normally using Syrian and Iranian themes. [Group5](https://attack.mitre.org/groups/G0043) has used two commonly available remote access tools (RATs), [njRAT](https://attack.mitre.org/software/S0385) and [NanoCore](https://attack.mitre.org/software/S0336), as well as an Android RAT, DroidJack. (Citation: Citizen Lab Group5)

MITRE ATT&CK: View on MITRE
Techniques Used (4)
ID ATT&CK Tactics
T1027.013 Encrypted/Encoded File -
T1056.001 Keylogging -
T1070.004 File Deletion -
T1113 Screen Capture -
References (2)
Aliases (196)
G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043 G0043
Related Malware (2)
NanoCore
other
njRAT
other
Metadata
ID: 237
Created: 13/01/2026 17:48
Updated: 21/04/2026 16:00