🇮🇳
Dropping Elephant
APT Group
Information theft and espionage
3 zero-day CVEs
ETDA ✓
Also Known As 11 names
APT-C-09
ATK11
Chinastrats
QUILTED TIGER
G0040
Monsoon
Orange Athos
Patchwork
Sarit
Thirsty Gemini
ZINC EMERSON
Target Countries 14
Bangladesh
Bhutan
China
Israel
India
Japan
Cambodia
Republic of Korea
Sri Lanka
Myanmar
Nepal
Pakistan
Turkey
United States
Sectors Targeted
Defense
Government
IT
Computer Systems Design Services (NAICS 541512)
Travel Agencies (NAICS 561510)
Commercial Banking (NAICS 52211)
Military
Media
Financial
Private sector
Aviation
Data Processing, Hosting, and Related Services (NAICS 51821)
Energy
NGOs
Pharmaceutical
Think Tanks
Details
Origin: 🇮🇳 IN
Last Updated: 16 Jul 2024
Malware Families 7
dilljuice
Nexe Backdoor
win.shatteredglass
unidentified_102
knspy
GlassWorm
glasses
MITRE ATT&CK 89
T1005 - Data from Local System
T1021
T1021.001
T1025 - Data from Removable Media
T1027 - Obfuscated Files or Information
T1027.001
T1027.002
T1027.005
T1027.010
T1030 - Data Transfer Size Limits
T1033
T1036 - Masquerading
T1036.005 - Match Legitimate Name or Location
T1041 - Exfiltration Over C2 Channel
T1048 - Exfiltration Over Alternative Protocol
T1053 - Scheduled Task/Job
T1053.005 - Scheduled Task
T1055 - Process Injection
T1055.012
T1056 - Input Capture
T1057 - Process Discovery
T1059 - Command and Scripting Interpreter
T1059.001 - PowerShell
T1059.003
T1059.005
T1070 - Indicator Removal on Host
T1070.004
T1070.006 - Timestomp
T1071 - Application Layer Protocol
T1071.001 - Web Protocols
T1074 - Data Staged
T1074.001
T1082 - System Information Discovery
T1083 - File and Directory Discovery
T1102
T1102.001
T1102.002 - Bidirectional Communication
T1105 - Ingress Tool Transfer
T1106 - Native API
T1110 - Brute Force
T1112
T1113 - Screen Capture
T1119
T1124 - System Time Discovery
T1132 - Data Encoding
T1132.001 - Standard Encoding
T1140 - Deobfuscate/Decode Files or Information
T1189
T1190 - Exploit Public-Facing Application
T1197
T1203 - Exploitation for Client Execution
T1204 - User Execution
T1204.001
T1204.002 - Malicious File
T1213 - Data from Information Repositories
T1497 - Virtualization/Sandbox Evasion
T1497.001 - System Checks
T1518
T1518.001
T1534 - Internal Spearphishing
T1547 - Boot or Logon Autostart Execution
T1547.001 - Registry Run Keys / Startup Folder
T1548
T1548.002
T1553
T1553.002
T1555
T1555.003 - Credentials from Web Browsers
T1559
T1559.002
T1560
T1562.001 - Disable or Modify Tools
T1566 - Phishing
T1566.001 - Spearphishing Attachment
T1566.002
T1568.002 - Domain Generation Algorithms
T1571 - Non-Standard Port
T1573.001 - Symmetric Cryptography
T1574
T1574.001
T1574.002 - DLL Side-Loading
T1583.001 - Domains
T1587
T1587.002
T1588 - Obtain Capabilities
T1588.002
T1598
T1598.003
T1680