…Lazarus. Retrieved May 1, 2020. Kimayong, P. (2020, June 18). COVID-19 and FMLA Campaigns used to install new IcedID banking malware. Retrieved July 14, 2020. DFIR. (2022, April 25). Quantum Ransomware. Retrieved July 26, 2024. DFIR. (2021, March 29). Sodinokibi (aka REvil) Ranso…
US
Command and Scripting Interpreter: PowerShell, Sub-technique T1059.001 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/versions/v17/techniques/T1059/001
…s: Breaking Down TA505 Group’s Use of HTML, RATs and Other Techniques in Latest Campaigns. Retrieved May 29, 2020. Ilascu, I. (2020, December 14). Hacking group’s new malware abuses Google and Facebook services. Retrieved December 28, 2020. Cristian Souza, Eduardo Ovalle, Ashley …
US
Command and Scripting Interpreter: PowerShell, Sub-technique T1059.001 - Enterprise | MITRE
ATT&CK®
https://attack.mitre.org/techniques/T1059/001
…er JSS Loader has the ability to download and execute PowerShell scripts. [157] C0044 Juicy Mix During Juicy Mix , OilRig used a PowerShell script to steal credentials. [158] S0387 KeyBoy KeyBoy uses PowerShell commands to download and execute payloads. [159] S0526 KGH_SPY KGH_SP…
…. Retrieved June 20, 2019. Arsene, L. (2020, April 21). Oil & Gas Spearphishing Campaigns Drop Agent Tesla Spyware in Advance of Historic OPEC+ Deal. Retrieved May 19, 2020. Check Point Software Technologies. (2015). ROCKET KITTEN: A CAMPAIGN WITH 9 LIVES. Retrieved March 16, 201…
…ra, H., Maruyama, E. (2020, April 17). Gamaredon APT Group Use Covid-19 Lure in Campaigns. Retrieved May 19, 2020. Boutin, J. (2020, June 11). Gamaredon group grows its game. Retrieved June 16, 2020. CERT-EE. (2021, January 27). Gamaredon Infection: From Dropper to Entry. Retriev…
…ra, H., Maruyama, E. (2020, April 17). Gamaredon APT Group Use Covid-19 Lure in Campaigns. Retrieved May 19, 2020. CERT-EE. (2021, January 27). Gamaredon Infection: From Dropper to Entry. Retrieved February 17, 2022. Schwarz, D. et al. (2019, October 16). TA505 Distributes New SD…