Alternative names (2)
TTPsInclude • usedTTPs

Random triples

| Subject | Object |
|---|---|
| gptkb:APT20 | lateral movement |
| gptkb:Zebrocy | initial access via phishing |
| gptkb:APT54 | use of legitimate credentials |
| gptkb:Conti_ransomware_campaigns | lateral movement |
| gptkb:MuddyWater_group | data exfiltration |
| gptkb:Winnti | living off the land techniques |
| gptkb:Zebrocy | multi-stage infection chains |
| gptkb:Stone_Panda | use of compromised MSPs to access client networks |
| gptkb:Zebrocy | custom malware development |
| gptkb:APT20 | privilege escalation |
| gptkb:Conti_ransomware_campaigns | gptkb:Kerberos_ticket_abuse |
| gptkb:Conti_ransomware_campaigns | use of cryptocurrency wallets |
| gptkb:APT41 | watering hole attacks |
| gptkb:APT12 | spear phishing |
| gptkb:APT20 | use of stolen credentials |
| gptkb:Turla_Group | use of custom backdoors |
| gptkb:APT12 | watering hole attacks |
| gptkb:APT41 | spear phishing |
| gptkb:Gamaredon | use of legitimate cloud services for C2 |
| gptkb:Conti_ransomware_campaigns | use of Tor for communication |