🇷🇺
Mustard Tempest
APT Group
ETDA ✓
Also Known As 2 names
DEV-0206
Purple Vallhund
Target Countries 4
Canada
Spain
France
United States
Details
Origin
🇷🇺 RU
Last Updated
03 Feb 2024
Malware Families 3
houdini
fakeupdateru
H-worm
MITRE ATT&CK 53
T1021.001 - Remote Desktop Protocol
T1027 - Obfuscated Files or Information
T1036 - Masquerading
T1036.005
T1053 - Scheduled Task/Job
T1053.005 - Scheduled Task
T1055 - Process Injection
T1056 - Input Capture
T1059 - Command and Scripting Interpreter
T1059.001 - PowerShell
T1059.003 - Windows Command Shell
T1059.007 - JavaScript
T1071 - Application Layer Protocol
T1071.001 - Web Protocols
T1078 - Valid Accounts
T1082
T1090 - Proxy
T1102 - Web Service
T1105 - Ingress Tool Transfer
T1112 - Modify Registry
T1132 - Data Encoding
T1133 - External Remote Services
T1134.001
T1140 - Deobfuscate/Decode Files or Information
T1189 - Drive-by Compromise
T1190 - Exploit Public-Facing Application
T1192 - Spearphishing Link
T1199 - Trusted Relationship
T1204 - User Execution
T1204.001 - Malicious Link
T1204.002 - Malicious File
T1219 - Remote Access Software
T1497 - Virtualization/Sandbox Evasion
T1547 - Boot or Logon Autostart Execution
T1547.001 - Registry Run Keys / Startup Folder
T1550 - Use Alternate Authentication Material
T1559 - Inter-Process Communication
T1566 - Phishing
T1566.002
T1568 - Dynamic Resolution
T1573 - Encrypted Channel
T1574 - Hijack Execution Flow
T1574.001 - DLL Search Order Hijacking
T1574.002 - DLL Side-Loading
T1583
T1583.004
T1583.008
T1584
T1584.001
T1608 - Stage Capabilities
T1608.001
T1608.004
T1608.006