🇵🇰

Operation RusticWeb

APT Group | Information theft and espionage | ETDA ✓

Also Known As

No alias recorded

Target Countries 5

Afghanistan, Bangladesh, United Kingdom, India, United States

Details

Origin: 🇵🇰 PK
Last Updated: 11 May 2024

MITRE ATT&CK 49

T1005 - Data from Local System
T1016
T1027 - Obfuscated Files or Information
T1036 - Masquerading
T1036.005
T1041 - Exfiltration Over C2 Channel
T1055 - Process Injection
T1057 - Process Discovery
T1059 - Command and Scripting Interpreter
T1059.001 - PowerShell
T1059.005 - Visual Basic
T1070 - Indicator Removal on Host
T1071
T1071.001 - Web Protocols
T1078
T1082 - System Information Discovery
T1083 - File and Directory Discovery
T1095 - Non-Application Layer Protocol
T1105 - Ingress Tool Transfer
T1106
T1112 - Modify Registry
T1113 - Screen Capture
T1115 - Clipboard Data
T1202 - Indirect Command Execution
T1204
T1204.002
T1218
T1218.005 - Mshta
T1497 - Virtualization/Sandbox Evasion
T1518
T1518.001 - Security Software Discovery
T1539 - Steal Web Session Cookie
T1547.001 - Registry Run Keys / Startup Folder
T1555 - Credentials from Password Stores
T1560 - Archive Collected Data
T1564.001 - Hidden Files and Directories
T1565.001 - Stored Data Manipulation
T1566
T1566.001 - Spearphishing Attachment
T1573 - Encrypted Channel
T1574
T1574.001
T1584
T1584.001
T1598
T1598.002
T1608
T1608.001
T1614

Related Zero-Days

No zero-day CVE linked to this actor