{ | |
"type": "bundle", | |
"id": "bundle--f21dc752-c30f-4e1d-8ee6-dc6a3880da7a", | |
"spec_version": "2.0", | |
"objects": [ | |
{ | |
"aliases": [ | |
"APT18", | |
"TG-0416", | |
"Dynamite Panda", | |
"Threat Group-0416" | |
], | |
"x_mitre_domains": [ | |
"enterprise-attack" | |
], | |
"object_marking_refs": [ | |
"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168" | |
], | |
"id": "intrusion-set--38fd6a28-3353-4f2b-bb2b-459fecd5c648", | |
"type": "intrusion-set", | |
"created": "2017-05-31T21:31:57.733Z", | |
"created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5", | |
"external_references": [ | |
{ | |
"source_name": "mitre-attack", | |
"url": "https://attack.mitre.org/groups/G0026", | |
"external_id": "G0026" | |
}, | |
{ | |
"source_name": "APT18", | |
"description": "(Citation: ThreatStream Evasion Analysis)(Citation: Anomali Evasive Maneuvers July 2015)" | |
}, | |
{ | |
"source_name": "TG-0416", | |
"description": "(Citation: ThreatStream Evasion Analysis)(Citation: Anomali Evasive Maneuvers July 2015)" | |
}, | |
{ | |
"source_name": "Dynamite Panda", | |
"description": "(Citation: ThreatStream Evasion Analysis)(Citation: Anomali Evasive Maneuvers July 2015)" | |
}, | |
{ | |
"source_name": "Threat Group-0416", | |
"description": "(Citation: ThreatStream Evasion Analysis)" | |
}, | |
{ | |
"url": "http://www.secureworks.com/resources/blog/where-you-at-indicators-of-lateral-movement-using-at-exe-on-windows-7-systems/", | |
"description": "Carvey, H.. (2014, September 2). Where you AT?: Indicators of lateral movement using at.exe on Windows 7 systems. Retrieved January 25, 2016.", | |
"source_name": "Dell Lateral Movement" | |
}, | |
{ | |
"url": "https://www.threatstream.com/blog/evasive-maneuvers-the-wekby-group-attempts-to-evade-analysis-via-custom-rop", | |
"description": "Shelmire, A.. (2015, July 6). Evasive Maneuvers. Retrieved January 22, 2016.", | |
"source_name": "ThreatStream Evasion Analysis" | |
}, | |
{ | |
"source_name": "Anomali Evasive Maneuvers July 2015", | |
"url": "https://www.anomali.com/blog/evasive-maneuvers-the-wekby-group-attempts-to-evade-analysis-via-custom-rop", | |
"description": "Shelmire, A. (2015, July 06). Evasive Maneuvers by the Wekby group with custom ROP-packing and DNS covert channels. Retrieved November 15, 2018." | |
} | |
], | |
"modified": "2020-03-30T18:46:16.853Z", | |
"name": "APT18", | |
"description": "[APT18](https://attack.mitre.org/groups/G0026) is a threat group that has operated since at least 2009 and has targeted a range of industries, including technology, manufacturing, human rights groups, government, and medical. (Citation: Dell Lateral Movement)", | |
"x_mitre_version": "2.1", | |
"x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5" | |
} | |
] | |
} |