Alternative names (2)
TTPsInclude • usedTTPs

Random triples

Subject | Object |
---|---|
gptkb:Winnti | credential theft |
gptkb:APT41 | data exfiltration |
gptkb:Conti_ransomware_campaigns | Active Directory compromise |
gptkb:Stone_Panda | custom malware development |
gptkb:APT20 | lateral movement |
gptkb:APT41 | living off the land techniques |
gptkb:APT41 | SQL injection |
gptkb:Turla_Group | use of legitimate software for persistence |
gptkb:Zebrocy | custom malware development |
gptkb:Conti_ransomware_campaigns | RDP brute force |
gptkb:APT20 | data exfiltration |
gptkb:APT41 | use of publicly available tools |
gptkb:Conti_ransomware_campaigns | threatening data leaks |
gptkb:APT54 | use of legitimate credentials |
gptkb:Conti_ransomware_campaigns | privilege escalation |
gptkb:Zebrocy | initial access via phishing |
gptkb:APT41 | use of zero-day exploits |
gptkb:MuddyWater_group | multi-stage attacks |
gptkb:Conti_ransomware_campaigns | scheduled tasks |
gptkb:Conti_ransomware_campaigns | use of custom ransomware builder |