🇮🇷

BANISHED KITTEN

APT Group | Sabotage and destruction | ETDA ✓

Also Known As 3 names

DUNE, Red Sandstorm, Storm-0842

Target Countries 10

United Arab Emirates, Albania, Germany, Algeria, Egypt, France, Israel, Romania, United States, South Africa

Details

Origin 🇮🇷 IR
Last Updated 03 Jul 2024

MITRE ATT&CK 127

T1001 - Data Obfuscation, T1003, T1003.001, T1005, T1021, T1021.001, T1021.002, T1027 - Obfuscated Files or Information, T1027.015, T1030 - Data Transfer Size Limits, T1036 - Masquerading, T1036.004, T1036.005, T1041, T1046, T1047, T1055 - Process Injection, T1056 - Input Capture, T1056.004, T1059 - Command and Scripting Interpreter, T1059.001, T1059.003, T1059.006, T1059.007 - JavaScript, T1070 - Indicator Removal on Host, T1071 - Application Layer Protocol, T1071.001 - Web Protocols, T1072, T1074, T1078, T1078.001, T1078.002, T1078.004, T1082, T1087, T1087.002, T1087.003, T1090 - Proxy, T1098, T1098.002, T1102 - Web Service, T1105 - Ingress Tool Transfer, T1106 - Native API, T1110, T1110.001, T1110.004, T1113, T1114, T1114.002, T1119 - Automated Collection, T1123, T1125, T1132 - Data Encoding, T1133, T1134 - Access Token Manipulation, T1134.001, T1140 - Deobfuscate/Decode Files or Information, T1176 - Browser Extensions, T1190, T1193, T1195 - Supply Chain Compromise, T1199 - Trusted Relationship, T1204, T1204.002, T1213, T1213.002, T1218 - Signed Binary Proxy Execution, T1219, T1219.002, T1484, T1484.001, T1485, T1486, T1490 - Inhibit System Recovery, T1498 - Network Denial of Service, T1505, T1505.003, T1525 - Implant Internal Image, T1530 - Data from Cloud Storage Object, T1547 - Boot or Logon Autostart Execution, T1547.001, T1552 - Unsecured Credentials, T1552.001 - Credentials In Files, T1552.002, T1553 - Subvert Trust Controls, T1560, T1560.001, T1561, T1561.001, T1561.002, T1564, T1564.003, T1566 - Phishing, T1566.001, T1568 - Dynamic Resolution, T1568.001 - Fast Flux DNS, T1570, T1572, T1573 - Encrypted Channel, T1583 - Acquire Infrastructure, T1583.001, T1583.003, T1583.004, T1583.006, T1584 - Compromise Infrastructure, T1585, T1585.001, T1585.002, T1587 - Develop Capabilities, T1587.001, T1588 - Obtain Capabilities, T1588.001, T1588.002, T1588.003, T1589, T1595, T1595.002, T1608 - Stage Capabilities, T1651, T1657, T1679, T1684, T1684.001, T1685, T1685.001, T1686, T1686.003

Related Zero-Days

No zero-day CVE linked to this actor