Alternative names (2)
TTPsInclude • usedTTPsRandom triples
| Subject | Object |
|---|---|
| gptkb:Winnti | credential theft |
| gptkb:APT41 | data exfiltration |
| gptkb:Conti_ransomware_campaigns | Active Directory compromise |
| gptkb:Stone_Panda | custom malware development |
| gptkb:APT20 | lateral movement |
| gptkb:APT41 | living off the land techniques |
| gptkb:APT41 | SQL injection |
| gptkb:Turla_Group | use of legitimate software for persistence |
| gptkb:Zebrocy | custom malware development |
| gptkb:Conti_ransomware_campaigns | RDP brute force |
| gptkb:APT20 | data exfiltration |
| gptkb:APT41 | use of publicly available tools |
| gptkb:Conti_ransomware_campaigns | threatening data leaks |
| gptkb:APT54 | use of legitimate credentials |
| gptkb:Conti_ransomware_campaigns | privilege escalation |
| gptkb:Zebrocy | initial access via phishing |
| gptkb:APT41 | use of zero-day exploits |
| gptkb:MuddyWater_group | multi-stage attacks |
| gptkb:Conti_ransomware_campaigns | scheduled tasks |
| gptkb:Conti_ransomware_campaigns | use of custom ransomware builder |