Alternative names (2)
TTPsInclude • usedTTPsRandom triples
| Subject | Object |
|---|---|
| gptkb:Conti_ransomware_campaigns | living off the land techniques |
| gptkb:APT41 | spear phishing |
| gptkb:Zebrocy | initial access via phishing |
| gptkb:Conti_ransomware_campaigns | lateral movement |
| gptkb:APT20 | use of stolen credentials |
| gptkb:Winnti | living off the land techniques |
| gptkb:APT20 | privilege escalation |
| gptkb:Gamaredon | rapid deployment of new malware variants |
| gptkb:MuddyWater_group | data exfiltration |
| gptkb:Conti_ransomware_campaigns | disabling security software |
| gptkb:Gamaredon | frequent infrastructure changes |
| gptkb:APT41 | data exfiltration |
| gptkb:APT54 | multi-stage attacks |
| gptkb:MuddyWater_group | use of open-source tools |
| gptkb:APT41 | lateral movement |
| gptkb:APT41 | web shell deployment |
| gptkb:APT41 | use of open-source tools |
| gptkb:APT41 | credential theft |
| gptkb:Conti_ransomware_campaigns | shadow copy deletion |
| gptkb:APT41 | remote desktop protocol abuse |