Common Information
Type | Value |
---|---|
Value | Remote File Copy |
Category | Attack-Pattern |
Type | Mitre-Ics-Techniques |
Misp Type | Cluster |
Description | Adversaries may copy files from one system to another to stage adversary tools or other files over the course of an operation. Copying of files may also be performed laterally between internal victim systems to support Lateral Movement with remote Execution using inherent file sharing protocols such as file sharing over SMB to connected network shares. In control systems environments, malware may use SMB and other file sharing protocols to move laterally through industrial networks. |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2024-11-15 | 33 | DONOT's Attack On Maritime & Defense Manufacturing | ||
Details | Website | 2024-09-19 | 35 | Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC | ||
Details | Website | 2024-01-04 | 63 | Evaluating Yourself Using ATT&CK (APT3, Second Scenario) | ||
Details | Website | 2023-10-17 | 92 | Anomali Cyber Watch: RomCom 4.0 Targeted Female Politicians, Israeli RedAlert App Impersonated, and More. – Anomali | ||
Details | Website | 2023-09-04 | 41 | New Attack Vector In The Cloud: Attackers caught exploiting Object Storage Services | ||
Details | Website | 2023-08-11 | 39 | Stealthy Malicious MSI Loader - Overlapping Technique and Infrastructure with BatLoader - CYFIRMA | ||
Details | Website | 2023-06-06 | 27 | Anomali Cyber Watch: LEMURLOOT on Exploited MOVEit Transfers, Zero-Click iOS Exploit Targeted Kaspersky, Qakbot Turns Bots into Proxies | ||
Details | Website | 2023-04-27 | 30 | What's New in Sysdig - March & April 2023 – Sysdig | ||
Details | Website | 2023-03-01 | 21 | Hunting for Lateral Movement using Event Query Language — Elastic Security Labs | ||
Details | Website | 2023-02-14 | 24 | 8220 Gang Continues to Evolve With Each New Campaign – Sysdig | ||
Details | Website | 2022-09-08 | 74 | Microsoft investigates Iranian attacks against the Albanian government - Microsoft Security Blog | ||
Details | Website | 2022-09-08 | 48 | Microsoft investigates Iranian attacks against the Albanian government | Microsoft Security Blog | ||
Details | Website | 2022-07-26 | 60 | Mandiant Red Team Emulates FIN11 Tactics To Control Operational Technology Servers | Mandiant | ||
Details | Website | 2022-06-07 | 5 | Behind the Creation of Detector #1236 - Red Canary | ||
Details | Website | 2022-06-02 | 48 | TAU Threat Analysis: Bundlore (macOS) mm-install-macos | ||
Details | Website | 2022-05-21 | 36 | Satan Ransomware Spawns New Methods to Spread | ||
Details | Website | 2022-03-15 | 28 | Decoding a DanaBot Downloader | ||
Details | Website | 2021-11-18 | 50 | Conti Ransomware | Qualys Security Blog | ||
Details | Website | 2021-09-24 | 32 | Examining the Cring Ransomware Techniques | ||
Details | Website | 2021-08-11 | 302 | Massive New AdLoad Campaign Goes Entirely Undetected By Apple's XProtect - SentinelLabs | ||
Details | Website | 2021-06-29 | 45 | 7 victims spanning multiple industries | ||
Details | Website | 2021-06-15 | 86 | Ransomware Double Extortion and Beyond: REvil, Clop, and Conti - Security News | ||
Details | Website | 2021-06-01 | 52 | Backdoors, RATs, Loaders evasion techniques | ||
Details | Website | 2021-04-20 | 1 | Carbanak and FIN7 Attack Techniques |