🇷🇺
Water Bakunawa
APT Group
8 zero-day CVEs
Also Known As
No alias recorded
Target Countries
No target country recorded
Sectors Targeted
No targeted sector recorded
Details
Origin
🇷🇺 RU
Last Updated
30 Jan 2026
MITRE ATT&CK 37
T1003 - OS Credential Dumping
T1011 - Exfiltration Over Other Network Medium
T1014 - Rootkit
T1021 - Remote Services
T1027 - Obfuscated Files or Information
T1036 - Masquerading
T1037 - Boot or Logon Initialization Scripts
T1046 - Network Service Scanning
T1047 - Windows Management Instrumentation
T1049 - System Network Connections Discovery
T1053 - Scheduled Task/Job
T1055 - Process Injection
T1059 - Command and Scripting Interpreter
T1068 - Exploitation for Privilege Escalation
T1070 - Indicator Removal on Host
T1090 - Proxy
T1102 - Web Service
T1106 - Native API
T1113 - Screen Capture
T1127 - Trusted Developer Utilities Proxy Execution
T1133 - External Remote Services
T1140 - Deobfuscate/Decode Files or Information
T1176 - Browser Extensions
T1189 - Drive-by Compromise
T1489 - Service Stop
T1490 - Inhibit System Recovery
T1505 - Server Software Component
T1530 - Data from Cloud Storage Object
T1543 - Create or Modify System Process
T1546 - Event Triggered Execution
T1547 - Boot or Logon Autostart Execution
T1550 - Use Alternate Authentication Material
T1553 - Subvert Trust Controls
T1560 - Archive Collected Data
T1562 - Impair Defenses
T1566 - Phishing
T1569 - System Services