A Look at Trending Chinese APT Techniques
Tags
country: China Iran Philippines Taiwan
attack-pattern: Artificial Intelligence - T1588.007 Botnet - T1583.005 Botnet - T1584.005 Credentials - T1589.001 Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Remote Desktop Protocol - T1021.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Vulnerabilities - T1588.006 Connection Proxy - T1090 Credential Dumping - T1003 Powershell - T1086 Remote Desktop Protocol - T1076
Show in Graph
Common Information
Type Value
UUID b83f8d1d-aa8f-4dbf-970f-97f36527ca3f
Fingerprint b7100d15c614d609
Analysis status DONE
Considered CTI value 2
Text language
Published Nov. 18, 2024, midnight
Added to db Nov. 19, 2024, 6:06 a.m.
Last updated Nov. 20, 2024, 4:32 p.m.
Headline A Look at Trending Chinese APT Techniques
Title A Look at Trending Chinese APT Techniques
Detected Hints/Tags/Attributes 134/2/15
Source URLs
Redirection Url
Details Source https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques
URL Provider
Details Provider Source level domain
Details intel471.com intel471.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 138 Intel471 https://intel471.com/blog/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 119 
cve-2023-2868
Details CVE 186 
cve-2021-26855
Details CVE 15 
cve-2021-42321
Details File 166 
reg.exe
Details File 33 
expand.exe
Details File 61 
ntdsutil.exe
Details Mandiant Temporary Group Assumption 2 
TEMP.BOTTLE
Details Mandiant Uncategorized Groups 7 
UNC3236
Details Mandiant Uncategorized Groups 55 
UNC4841
Details Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development) 4 
DEV-0391
Details Threat Actor Identifier - APT 42 
APT5
Details Threat Actor Identifier - APT 86 
APT15
Details Threat Actor Identifier - APT 169 
APT31
Details Windows Registry Key 27 
HKLM\SYSTEM\CurrentControlSet\Control\Terminal
Details Windows Registry Key 1 
HKLM\SYSTEM\ControlSet00