🇪🇺
FusionCore
APT Group
14 zero-day CVEs
Also Known As
No alias recorded
Target Countries
No target country recorded
Sectors Targeted
No targeted sector recorded
Details
Origin
🇪🇺 EU
Last Updated
18 Nov 2023
MITRE ATT&CK 104
T1003 - OS Credential Dumping
T1003.001 - LSASS Memory
T1003.002 - Security Account Manager
T1003.003 - NTDS
T1003.004 - LSA Secrets
T1005 - Data from Local System
T1010 - Application Window Discovery
T1011
T1012 - Query Registry
T1016 - System Network Configuration Discovery
T1018 - Remote System Discovery
T1021.001 - Remote Desktop Protocol
T1027 - Obfuscated Files or Information
T1027.001
T1031 - Modify Existing Service
T1035 - Service Execution
T1036 - Masquerading
T1037 - Boot or Logon Initialization Scripts
T1037.001 - Logon Script (Windows)
T1037.002 - Logon Script (Mac)
T1037.003 - Network Logon Script
T1039 - Data from Network Shared Drive
T1040 - Network Sniffing
T1041 - Exfiltration Over C2 Channel
T1043 - Commonly Used Port
T1045 - Software Packing
T1053 - Scheduled Task/Job
T1055 - Process Injection
T1056 - Input Capture
T1056.001 - Keylogging
T1057 - Process Discovery
T1059 - Command and Scripting Interpreter
T1059.001
T1059.007 - JavaScript
T1060 - Registry Run Keys / Startup Folder
T1063 - Security Software Discovery
T1068 - Exploitation for Privilege Escalation
T1070 - Indicator Removal on Host
T1071 - Application Layer Protocol
T1071.001 - Web Protocols
T1071.003 - Mail Protocols
T1071.004 - DNS
T1078
T1081
T1082 - System Information Discovery
T1083 - File and Directory Discovery
T1090 - Proxy
T1095 - Non-Application Layer Protocol
T1096 - NTFS File Attributes
T1100
T1105 - Ingress Tool Transfer
T1110.002 - Password Cracking
T1112 - Modify Registry
T1114 - Email Collection
T1119 - Automated Collection
T1123 - Audio Capture
T1129 - Shared Modules
T1140 - Deobfuscate/Decode Files or Information
T1173 - Dynamic Data Exchange
T1176 - Browser Extensions
T1179 - Hooking
T1189 - Drive-by Compromise
T1203 - Exploitation for Client Execution
T1210 - Exploitation of Remote Services
T1222 - File and Directory Permissions Modification
T1406 - Obfuscated Files or Information
T1410 - Network Traffic Capture or Redirection
T1423 - Network Service Scanning
T1427 - Attack PC via USB Connection
T1445 - Abuse of iOS Enterprise App Signing Key
T1449 - Exploit SS7 to Redirect Phone Calls/SMS
T1450 - Exploit SS7 to Track Device Location
T1453 - Abuse Accessibility Features
T1472 - Generate Fraudulent Advertising Revenue
T1485 - Data Destruction
T1490 - Inhibit System Recovery
T1496 - Resource Hijacking
T1497 - Virtualization/Sandbox Evasion
T1529 - System Shutdown/Reboot
T1543 - Create or Modify System Process
T1547 - Boot or Logon Autostart Execution
T1547.006
T1550 - Use Alternate Authentication Material
T1552 - Unsecured Credentials
T1555 - Credentials from Password Stores
T1560 - Archive Collected Data
T1562 - Impair Defenses
T1563 - Remote Service Session Hijacking
T1564 - Hide Artifacts
T1566 - Phishing
T1566.001
T1569 - System Services
T1573 - Encrypted Channel
T1574 - Hijack Execution Flow
T1583
T1583.002
T1583.005 - Botnet
T1584.004
T1598
T1614 - System Location Discovery
TA0002 - Execution
TA0004 - Privilege Escalation
TA0005 - Defense Evasion
TA0011 - Command and Control