Create Mitre-APT36-22-01-20.json

StrangerealIntel 2020-01-22 01:04:40 +01:00 committed by GitHub
parent 2911c117a5
commit 5516788640
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -0,0 +1,30 @@
[
{
"Id": "T1012",
"Name": "Query Registry",
"Type": "Discovery ",
"Description": "Adversaries may interact with the Windows Registry to gather information about the system, configuration, and installed software.",
"URL": "https://attack.mitre.org/techniques/T1012/"
},
{
"Id": "T1065",
"Name": "Uncommonly Used Port",
"Type": "Command And Control ",
"Description": "Adversaries may conduct C2 communications over a non-standard port to bypass proxies and firewalls that have been improperly configured.",
"URL": "https://attack.mitre.org/techniques/T1065/"
},
{
"Id": "T1064",
"Name": "Scripting",
"Type": "Defense Evasion",
"Description": "Adversaries may use scripts to aid in operations and perform multiple actions that would otherwise be manual. Scripting is useful for speeding up operational tasks and reducing the time required to gain access to critical resources. Some scripting languages may be used to bypass process monitoring mechanisms by directly interacting with the operating system at an API level instead of calling other programs. Common scripting languages for Windows include VBScript and PowerShell but could also be in the form of command-line batch scripts.",
"URL": "https://attack.mitre.org/techniques/T1064/"
},
{
"Id": "T1064",
"Name": "Scripting",
"Type": "Execution",
"Description": "Adversaries may use scripts to aid in operations and perform multiple actions that would otherwise be manual. Scripting is useful for speeding up operational tasks and reducing the time required to gain access to critical resources. Some scripting languages may be used to bypass process monitoring mechanisms by directly interacting with the operating system at an API level instead of calling other programs. Common scripting languages for Windows include VBScript and PowerShell but could also be in the form of command-line batch scripts.",
"URL": "https://attack.mitre.org/techniques/T1064/"
}
]
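Review bot: The `Type` values on the first two entries carry a trailing space (`"Discovery "`, `"Command And Control "`) while the last two do not, so a consumer that matches tactic names exactly will miss them; they should read `"Type": "Discovery"` and `"Type": "Command And Control"`. T1064 appears twice with identical `Name`, `Description` and `URL` and only `Type` differing, so a consumer that indexes entries by `Id` will keep just one tactic; a single entry with an array of tactics, or a documented `Id`+`Type` key, would avoid that. The file also does not record which ATT&CK release the IDs were taken from, and technique IDs can be deprecated or renumbered between releases, so noting the version in the file or the commit message would keep the mapping interpretable for later detection and reporting work.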