Malware

Iranian intel cyber suite of malware uses open source tools

Edited 14-Jan-2022 02:26:30

The United States Cyber Command (CYBERCOM) has identified and disclosed multiple tools that Iranian intelligence actors are using in networks around the world, according to a report from the US Department of Defense.

REFERENCES:
https://www.cybercom.mil/Media/News/Article/2897570/iranian-intel-cyber-suite-of-malware-uses-open-source-tools/
https://www.sentinelone.com/labs/wading-through-muddy-waters-recent-activity-of-an-iranian-state-sponsored-threat-actor/
ADVERSARY:
MALWARE FAMILIES:
MuddyWater, Mori, PowGoop
ATT&CK IDS:
T1003 - OS Credential Dumping
T1016 - System Network Configuration Discovery
T1027 - Obfuscated Files or Information
T1033 - System Owner/User Discovery
T1036 - Masquerading
T1041 - Exfiltration Over C2 Channel
T1047 - Windows Management Instrumentation
T1049 - System Network Connections Discovery
T1053 - Scheduled Task/Job
T1057 - Process Discovery
T1059 - Command and Scripting Interpreter
T1071 - Application Layer Protocol
T1082 - System Information Discovery
T1083 - File and Directory Discovery
T1087 - Account Discovery
T1090 - Proxy
T1102 - Web Service
T1104 - Multi-Stage Channels
T1105 - Ingress Tool Transfer
T1113 - Screen Capture
T1132 - Data Encoding
T1137 - Office Application Startup
T1140 - Deobfuscate/Decode Files or Information
T1203 - Exploitation for Client Execution
T1204 - User Execution
T1218 - Signed Binary Proxy Execution
T1219 - Remote Access Software
T1518 - Software Discovery
T1547 - Boot or Logon Autostart Execution
T1548 - Abuse Elevation Control Mechanism
T1552 - Unsecured Credentials
T1555 - Credentials from Password Stores
T1559 - Inter-Process Communication
T1560 - Archive Collected Data
T1562 - Impair Defenses
T1566 - Phishing
T1583 - Acquire Infrastructure
T1588 - Obtain Capabilities
T1589 - Gather Victim Identity Information
T1574.001 - DLL Search Order Hijacking
T1059.001 - PowerShell
T1572 - Protocol Tunneling
T1505.003 - Web Shell
T1190 - Exploit Public-Facing Application
T1220 - XSL Script Processing
