
UNC2452

APT Group ETDA ✓

Details

Origin 🇷🇺 RU
Last Updated 01 Jun 2022

MITRE ATT&CK 176

T1001, T1001.002, T1003, T1003.002, T1003.004, T1003.006, T1005, T1016, T1016.001, T1018 - Remote System Discovery, T1021 - Remote Services, T1021.001 - Remote Desktop Protocol, T1021.002, T1021.006, T1021.007, T1022 - Data Encrypted, T1027 - Obfuscated Files or Information, T1027.001, T1027.002, T1027.003, T1027.006, T1036 - Masquerading, T1036.004, T1036.005, T1037, T1037.004, T1047 - Windows Management Instrumentation, T1048 - Exfiltration Over Alternative Protocol, T1048.002, T1053, T1053.005, T1055 - Process Injection, T1055.001, T1056, T1057, T1059 - Command and Scripting Interpreter, T1059.001 - PowerShell, T1059.003, T1059.005, T1059.006, T1059.009, T1068, T1069, T1069.002, T1070, T1070.004, T1070.006, T1070.008, T1071, T1071.001 - Web Protocols, T1074, T1074.002, T1078 - Valid Accounts, T1078.002, T1078.003, T1078.004, T1083 - File and Directory Discovery, T1087, T1087.002, T1087.004, T1090 - Proxy, T1090.001, T1090.002, T1090.003, T1090.004, T1098, T1098.001, T1098.002, T1098.003, T1098.005, T1102 - Web Service, T1102.002, T1105 - Ingress Tool Transfer, T1106, T1110, T1110.001, T1110.003, T1112 - Modify Registry, T1114, T1114.002, T1115 - Clipboard Data, T1127, T1133 - External Remote Services, T1134, T1136, T1136.003, T1140, T1176 - Browser Extensions, T1189, T1190, T1195, T1195.002, T1199 - Trusted Relationship, T1203, T1204 - User Execution, T1204.001, T1204.002, T1213, T1213.003, T1218, T1218.005, T1218.011, T1222 - File and Directory Permissions Modification, T1482, T1484, T1484.002, T1490 - Inhibit System Recovery, T1497 - Virtualization/Sandbox Evasion, T1505, T1505.003, T1528, T1539, T1546, T1546.003, T1546.008, T1547, T1547.001, T1548, T1548.002, T1550, T1550.001, T1550.003, T1550.004, T1552, T1552.004, T1553, T1553.002, T1553.005, T1555, T1555.003, T1556, T1556.007, T1558, T1558.003, T1560, T1560.001, T1562, T1562.001, T1562.002, T1562.004, T1562.008, T1566 - Phishing, T1566.001, T1566.002, T1566.003, T1568, T1571 - Non-Standard Port, T1573 - Encrypted Channel, T1583, T1583.001 - Domains, T1583.006, T1584, T1584.001 - Domains, T1585, T1585.001, T1586, T1586.002, T1586.003, T1587, T1587.001, T1587.003, T1588, T1588.002, T1589, T1589.001, T1595, T1595.002, T1606, T1606.001, T1606.002, T1610, T1621, T1649, T1651, T1665, T1680

Related Zero-Days

No zero-day CVE linked to this actor