🇨🇳
UNC5174
APT Group
12 zero-day CVEs
Also Known As 1 names
Uteus
Target Countries 7
Canada
France
United Kingdom
Hong Kong
Saudi Arabia
Singapore
United States
Sectors Targeted (NAICS code - sector)
92 - Public Administration
31 - NAICS:31
511 - Publishing Industries (except Internet)
517 - Telecommunications
22 - Utilities
52 - Finance and Insurance
813 - Religious, Grantmaking, Civic, Professional, and Similar Organizations
927 - Space Research and Technology
54 - Professional, Scientific, and Technical Services
51913 - Internet Publishing and Broadcasting and Web Search Portals
541512 - Computer Systems Design Services
51 - Information
928 - National Security and International Affairs
211 - Oil and Gas Extraction
5415 - Computer Systems Design and Related Services
62 - Health Care and Social Assistance
52211 - Commercial Banking
813311 - Human Rights Organizations
48 - NAICS:48
54151 - Computer Systems Design and Related Services
61 - Educational Services
Details
Origin: 🇨🇳 CN
Last Updated: 30 Mar 2024
MITRE ATT&CK 55
T1001 - Data Obfuscation
T1003 - OS Credential Dumping
T1016 - System Network Configuration Discovery
T1027 - Obfuscated Files or Information
T1027.002 - Software Packing
T1029 - Scheduled Transfer
T1036 - Masquerading
T1036.004 - Masquerade Task or Service
T1037 - Boot or Logon Initialization Scripts
T1046 - Network Service Scanning
T1053 - Scheduled Task/Job
T1055 - Process Injection
T1059 - Command and Scripting Interpreter
T1059.001 - PowerShell
T1059.004 - Unix Shell
T1059.007 - JavaScript
T1070 - Indicator Removal on Host
T1070.004 - File Deletion
T1071.001 - Web Protocols
T1078 - Valid Accounts
T1082 - System Information Discovery
T1083 - File and Directory Discovery
T1090 - Proxy
T1105 - Ingress Tool Transfer
T1112 - Modify Registry
T1132 - Data Encoding
T1132.001 - Standard Encoding
T1133 - External Remote Services
T1140 - Deobfuscate/Decode Files or Information
T1190 - Exploit Public-Facing Application
T1204 - User Execution
T1204.002 - Malicious File
T1219 - Remote Access Software
T1490 - Inhibit System Recovery
T1496 - Resource Hijacking
T1497 - Virtualization/Sandbox Evasion
T1497.003 - Time Based Evasion
T1505.003 - Web Shell
T1543 - Create or Modify System Process
T1547 - Boot or Logon Autostart Execution
T1553 - Subvert Trust Controls
T1566 - Phishing
T1566.001 - Spearphishing Attachment
T1569 - System Services
T1571 - Non-Standard Port
T1573 - Encrypted Channel
T1574 - Hijack Execution Flow
T1574.001 - DLL Search Order Hijacking
T1588 - Obtain Capabilities
T1588.002 - Tool
T1588.004 - Digital Certificates
T1589.003 - Employee Names
T1595 - Active Scanning
T1595.002 - Vulnerability Scanning
TA0003 - Persistence