Software is a generic term for custom or commercial code, operating system utilities, open-source software, or other tools used to conduct behavior modeled in ATT&CK. Some instances of software have multiple names associated with the same instance due to various organizations tracking the same set of software by different names. The team makes a best effort to track overlaps between names based on publicly reported associations, which are designated as “Associated Software” on each page (formerly labeled “Aliases”), because we believe these overlaps are useful for analyst awareness.

Software entries include publicly reported technique use or capability to use a technique and may be mapped to Groups who have been reported to use that Software. The information provided does not represent all possible technique use by a piece of Software, but rather a subset that is available solely through open source reporting.

Tool - Commercial, open-source, built-in, or publicly available software that could be used by a defender, pen tester, red teamer, or an adversary. This category includes both software that generally is not found on an enterprise system as well as software generally available as part of an operating system that is already present in an environment. Examples include PsExec, Metasploit, Mimikatz, as well as Windows utilities such as Net, netstat, Tasklist, etc.

Malware - Commercial, custom closed source, or open source software intended to be used for malicious purposes by adversaries. Examples include PlugX, CHOPSTICK, etc.

3PARA RAT is a remote access tool (RAT) programmed in C++ that has been used by Putter Panda.

4H RAT is malware that has been used by Putter Panda since at least 2007.

AADInternals is a PowerShell-based framework for administering, enumerating, and exploiting Azure Active Directory. The tool is publicly available on GitHub.

ABK is a downloader that has been used by BRONZE BUTLER since at least 2019.

ACAD/Medre.A is a worm that steals operational information. The worm collects AutoCAD files with drawings. ACAD/Medre.A has the capability to be used for industrial espionage.

adbupd is a backdoor used by PLATINUM that is similar to Dipsind.

AdFind is a free command-line query tool that can be used for gathering information from Active Directory.

Adups is software that was pre-installed onto Android devices, including those made by BLU Products. The software was reportedly designed to help a Chinese phone manufacturer monitor user behavior, transferring sensitive data to a Chinese server.

ADVSTORESHELL is a spying backdoor that has been used by APT28 from at least 2012 to 2016. It is generally used for long-term espionage and is deployed on targets deemed interesting after a reconnaissance phase.

Agent Smith is mobile malware that generates financial gain by replacing legitimate applications on devices with malicious versions that include fraudulent ads.