🇰🇵
puNK-003
APT Group
4 zero-day CVEs
Also Known As
No alias recorded
Target Countries
No target country recorded
Sectors Targeted
No targeted sector recorded
Details
Origin
🇰🇵 KP
Last Updated
17 May 2025
MITRE ATT&CK 61
T1003 - OS Credential Dumping
T1005 - Data from Local System
T1014 - Rootkit
T1018
T1021
T1021.001
T1027 - Obfuscated Files or Information
T1027.001
T1036 - Masquerading
T1036.005
T1037 - Boot or Logon Initialization Scripts
T1041 - Exfiltration Over C2 Channel
T1046 - Network Service Scanning
T1049 - System Network Connections Discovery
T1053 - Scheduled Task/Job
T1055 - Process Injection
T1056 - Input Capture
T1059 - Command and Scripting Interpreter
T1059.001
T1068 - Exploitation for Privilege Escalation
T1070 - Indicator Removal on Host
T1071 - Application Layer Protocol
T1078 - Valid Accounts
T1082 - System Information Discovery
T1090 - Proxy
T1106 - Native API
T1119 - Automated Collection
T1127 - Trusted Developer Utilities Proxy Execution
T1133 - External Remote Services
T1134 - Access Token Manipulation
T1140 - Deobfuscate/Decode Files or Information
T1189 - Drive-by Compromise
T1195 - Supply Chain Compromise
T1213
T1213.002
T1219
T1482
T1486
T1489 - Service Stop
T1490 - Inhibit System Recovery
T1505 - Server Software Component
T1525 - Implant Internal Image
T1530 - Data from Cloud Storage Object
T1531
T1543 - Create or Modify System Process
T1547 - Boot or Logon Autostart Execution
T1552 - Unsecured Credentials
T1553 - Subvert Trust Controls
T1558
T1560 - Archive Collected Data
T1560.001
T1562 - Impair Defenses
T1562.001
T1566 - Phishing
T1567 - Exfiltration Over Web Service
T1567.002
T1569 - System Services
T1573 - Encrypted Channel
T1610 - Deploy Container
T1611 - Escape to Host
T1657