Alternative names (2)
TTPsInclude • usedTTPs

Random triples

| Subject | Object |
|---|---|
| gptkb:APT41 | use of publicly available tools |
| gptkb:Zebrocy | initial access via phishing |
| gptkb:Conti_ransomware_campaigns | gptkb:Kerberos_ticket_abuse |
| gptkb:Conti_ransomware_campaigns | use of remote desktop protocol |
| gptkb:Winnti | lateral movement |
| gptkb:Zebrocy | lateral movement |
| gptkb:APT20 | privilege escalation |
| gptkb:Stone_Panda | custom malware development |
| gptkb:APT20 | use of stolen credentials |
| gptkb:MuddyWater_group | use of compromised email accounts |
| gptkb:MuddyWater_group | custom backdoors |
| gptkb:Conti_ransomware_campaigns | living off the land techniques |
| gptkb:APT41 | living off the land techniques |
| gptkb:MuddyWater_group | use of legitimate tools for lateral movement |
| gptkb:MuddyWater_group | credential harvesting |
| gptkb:APT41 | privilege escalation |
| gptkb:Conti_ransomware_campaigns | public shaming of victims |
| gptkb:Stone_Panda | use of compromised MSPs to access client networks |
| gptkb:APT41 | web server exploitation |
| gptkb:Conti_ransomware_campaigns | PowerShell scripts |