Common Information
Value: System Network Configuration Discovery - T1016
Category: Attack-Pattern
Type: Mitre-Enterprise-Attack-Attack-Pattern
MISP Type: Cluster
Description: Adversaries will likely look for details about the network configuration and settings of the systems they access, or gather them through information discovery of remote systems. Several operating system administration utilities exist that can be used to collect this information; examples include arp, ipconfig/ifconfig, nbtstat, and route.

Detection: System and network discovery techniques normally occur throughout an operation as an adversary learns the environment. Data and events should not be viewed in isolation, but as part of a chain of behavior that could lead to other activities, such as Lateral Movement, based on the information obtained. Monitor processes and command-line arguments for actions that could be taken to gather system and network information. Remote access tools with built-in features may interact directly with the Windows API to gather information. Information may also be acquired through Windows system management tools such as Windows Management Instrumentation and PowerShell.

Platforms: Linux, macOS, Windows
Data Sources: Process command-line parameters, Process monitoring
Permissions Required: User
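As an added example (not part of the MISP cluster or the MITRE description), the following Python applies the detection guidance above to constructed process-creation events: it tags command lines that invoke the named utilities and raises an alert only when several distinct ones run from the same parent process within a short window, rather than on any single lookup. The event fields, host names, tool patterns and five-minute window are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Case-insensitive patterns for the utilities the description names:
# arp, ipconfig/ifconfig, nbtstat and route (with or without a path or .exe).
DISCOVERY_PATTERNS = {
    "arp":      re.compile(r"(?:^|[\\/\s])arp(?:\.exe)?\b", re.I),
    "ipconfig": re.compile(r"(?:^|[\\/\s])(?:ipconfig|ifconfig)(?:\.exe)?\b", re.I),
    "nbtstat":  re.compile(r"(?:^|[\\/\s])nbtstat(?:\.exe)?\b", re.I),
    "route":    re.compile(r"(?:^|[\\/\s])route(?:\.exe)?\b", re.I),
}

def classify(cmdline):
    """Return the T1016 tool family a command line belongs to, or None."""
    for name, pattern in DISCOVERY_PATTERNS.items():
        if pattern.search(cmdline):
            return name
    return None

def find_discovery_chains(events, window=timedelta(minutes=5), min_tools=2):
    """Group hits by (host, parent process) and flag a group that runs at least
    `min_tools` distinct discovery utilities inside `window`: one ipconfig is
    admin noise, several tools in quick succession from one parent is a chain."""
    by_parent = defaultdict(list)
    for ev in events:
        tool = classify(ev["cmdline"])
        if tool:
            by_parent[(ev["host"], ev["parent"])].append((ev["ts"], tool, ev["cmdline"]))
    alerts = []
    for (host, parent), hits in by_parent.items():
        hits.sort()
        for start, _, _ in hits:
            span = [h for h in hits if start <= h[0] <= start + window]
            tools = sorted({h[1] for h in span})
            if len(tools) >= min_tools:
                alerts.append({"host": host, "parent": parent, "tools": tools,
                               "cmdlines": [h[2] for h in span]})
                break  # one alert per parent is enough for triage
    return alerts

T0 = datetime(2024, 11, 13, 9, 0, 0)
SAMPLE_EVENTS = [  # constructed process-creation events, not real telemetry
    {"ts": T0,                         "host": "WS01", "parent": "cmd.exe", "cmdline": "ipconfig /all"},
    {"ts": T0 + timedelta(seconds=4),  "host": "WS01", "parent": "cmd.exe", "cmdline": "arp -a"},
    {"ts": T0 + timedelta(seconds=9),  "host": "WS01", "parent": "cmd.exe", "cmdline": "route print"},
    {"ts": T0 + timedelta(seconds=15), "host": "WS01", "parent": "cmd.exe", "cmdline": "nbtstat -n"},
    {"ts": T0 + timedelta(minutes=30), "host": "WS02", "parent": "explorer.exe", "cmdline": "ipconfig /all"},
]
```

Running `find_discovery_chains(SAMPLE_EVENTS)` flags only the WS01 cmd.exe sequence; the lone ipconfig on WS02 stays below the threshold.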
Published   Attributes  CTI Title
2024-11-14  72          Weekly Intelligence Report - 15 Nov 2024 | #ransomware | #cybercrime | National Cyber Security Consulting
2024-11-13  55          HawkEye Malware: Technical Analysis
2024-11-13  55          HawkEye Malware: Technical Analysis - ANY.RUN's Cybersecurity Blog
2024-11-13  23          T.A. — RansomHub
2024-11-13  55          HawkEye | PredatorPain
2024-11-09  19          TRACKING RANSOMWARE : OCTOBER 2024 | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
2024-11-04  35          G700 : The Next Generation of Craxs RAT - CYFIRMA
2024-11-01  39          Dark Web Profile: Tropic Trooper (APT23) - SOCRadar® Cyber Intelligence Inc.
2024-10-30  154         Rat King: how the Android trojan CraxsRAT steals user data | F.A.C.C.T. Blog
2024-10-23  44          Highlighting TA866/Asylum Ambuscade Activity Since 2021
2024-10-22  13          Using gRPC and HTTP/2 for Cryptominer Deployment: An Unconventional Approach
2024-10-17  81          UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants
2024-10-11  71          Weekly Intelligence Report - 11 Oct 2024 | #ransomware | #cybercrime | National Cyber Security Consulting
2024-10-07  141         Mind the (air) gap: GoldenJackal gooses government guardrails
2024-10-02  3           Stopping Attacks Early: The Power of Endpoint Telemetry in Cybersecurity
2024-09-27  123         Betting on Bots: Investigating Linux malware, crypto mining, and gambling API abuse — Elastic Security Labs
2024-09-12  13          Emulating the Persistent and Stealthy Ebury Linux Malware
2024-09-09  41          Earth Preta Evolves its Attacks with New Malware and Strategies
2024-09-09  24          BLX STEALER - CYFIRMA
2024-08-30  24          Emulating the Extortionist Mallox Ransomware
2024-08-12  1           Windows Discovery and Execution Processes - Excessive Use
2024-07-29  20          Attackers (Crowd)Strike with Infostealer Malware - Perception Point
2024-07-26  22          RansomHub Ransomware – New Infection Chains Unveiled
2024-07-25  59          How APT groups operate in Southeast Asia