🇷🇺
Tomiris
APT Group
Information theft and espionage
ETDA ✓
Also Known As
No alias recorded
Target Countries 12
Afghanistan
Armenia
Azerbaijan
Belgium
Belarus
India
Kyrgyzstan
Kazakhstan
Russian Federation
Tajikistan
Turkmenistan
Uzbekistan
Sectors Targeted
Mining, Quarrying, and Oil and Gas Extraction (NAICS 21)
NAICS:31
National Security and International Affairs (NAICS 9281)
Space Research and Technology (NAICS 927)
Public Administration (NAICS 92)
Government
National Security and International Affairs (NAICS 928)
Telecommunications (NAICS 517)
Utilities (NAICS 22)
National Security and International Affairs (NAICS 928110)
NAICS:48
Oil and Gas Extraction (NAICS 211)
Details
Origin
🇷🇺 RU
Last Updated
10 Feb 2024
MITRE ATT&CK 36
T1021 - Remote Services
T1027 - Obfuscated Files or Information
T1027.005 - Indicator Removal from Tools
T1036 - Masquerading
T1036.006 - Space after Filename
T1041 - Exfiltration Over C2 Channel
T1048 - Exfiltration Over Alternative Protocol
T1055 - Process Injection
T1056 - Input Capture
T1057 - Process Discovery
T1059 - Command and Scripting Interpreter
T1059.001 - PowerShell
T1071 - Application Layer Protocol
T1071.001 - Web Protocols
T1090 - Proxy
T1095 - Non-Application Layer Protocol
T1102 - Web Service
T1102.002 - Bidirectional Communication
T1105 - Ingress Tool Transfer
T1113 - Screen Capture
T1115 - Clipboard Data
T1127 - Trusted Developer Utilities Proxy Execution
T1132 - Data Encoding
T1140 - Deobfuscate/Decode Files or Information
T1189 - Drive-by Compromise
T1203
T1204 - User Execution
T1219 - Remote Access Software
T1543 - Create or Modify System Process
T1547
T1553 - Subvert Trust Controls
T1562 - Impair Defenses
T1566 - Phishing
T1566.001
T1572 - Protocol Tunneling
T1573 - Encrypted Channel