…esidue (Micro Method) RR:D02-1193 D2007-Standard Test Method for Characteristic Groups in Rubber Extender and Processing Oils and Other Petroleum-Derived Oils by the Clay-Gel Absorption Chromatographic Method RR:D02-1195 D3240-Test Method for Undissolved Water In Aviation Turbine…

…T has executed PowerShell commands via auto-run registry key persistence. [219] G0133 Nomadic Octopus Nomadic Octopus has used PowerShell for execution. [220] G0049 OilRig OilRig has used PowerShell scripts for execution, including use of a macro to run a PowerShell command to de…

…eat Research. (2019, October 7). China-Based APT Mustang Panda Targets Minority Groups, Public and Private Sector Organizations. Retrieved April 12, 2021. Victor, K.. (2020, May 18). Netwalker Fileless Ransomware Injected via Reflective Loading . Retrieved May 26, 2020. Szappanos…

…T has executed PowerShell commands via auto-run registry key persistence. [190] G0133 Nomadic Octopus Nomadic Octopus has used PowerShell for execution. [191] G0049 OilRig OilRig has used PowerShell scripts for execution, including use of a macro to run a PowerShell command to de…

…s been spread via e-mail campaigns utilizing malicious attachments. [172] [173] G0133 Nomadic Octopus Nomadic Octopus has targeted victims with spearphishing emails containing malicious attachments. [174] [175] S0346 OceanSalt OceanSalt has been delivered via spearphishing emails…

…eat Research. (2019, October 7). China-Based APT Mustang Panda Targets Minority Groups, Public and Private Sector Organizations. Retrieved April 12, 2021. Hamzeloofard, S. (2020, January 31). New wave of PlugX targets Hong Kong | Avira Blog. Retrieved April 13, 2021. Insikt Group…

…T has executed PowerShell commands via auto-run registry key persistence. [130] G0133 Nomadic Octopus Nomadic Octopus has used PowerShell for execution. [131] G0049 OilRig OilRig has used PowerShell scripts for execution, including use of a macro to run a PowerShell command to de…

…57] [358] S0353 NOKKI NOKKI has downloaded a remote module for execution. [359] G0133 Nomadic Octopus Nomadic Octopus has used malicious macros to download additional files to the victim's machine. [360] S0340 Octopus Octopus can download additional files and tools onto the victi…

… njRAT njRAT can launch a command shell interface for executing commands. [260] G0133 Nomadic Octopus Nomadic Octopus used cmd.exe /c within a malicious macro. [261] S0346 OceanSalt OceanSalt can create a reverse shell on the infected endpoint using cmd.exe. [262] OceanSalt has b…

…90] [391] S0353 NOKKI NOKKI has downloaded a remote module for execution. [392] G0133 Nomadic Octopus Nomadic Octopus has used malicious macros to download additional files to the victim's machine. [393] S0340 Octopus Octopus can download additional files and tools onto the victi…

…eat Research. (2019, October 7). China-Based APT Mustang Panda Targets Minority Groups, Public and Private Sector Organizations. Retrieved April 12, 2021. Hamzeloofard, S. (2020, January 31). New wave of PlugX targets Hong Kong | Avira Blog. Retrieved April 13, 2021. Kasza, A., H…

…urveillance and Attacks Targeting ASEAN, Asian Nations, the Media, Human Rights Groups, and Civil Society. Retrieved November 6, 2017. Security Response attack Investigation Team. (2019, March 27). Elfin: Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia a…

…s been spread via e-mail campaigns utilizing malicious attachments. [132] [133] G0133 Nomadic Octopus Nomadic Octopus has targeted victims with spearphishing emails containing malicious attachments. [134] [135] S0346 OceanSalt OceanSalt has been delivered via spearphishing emails…

… njRAT njRAT can launch a command shell interface for executing commands. [200] G0133 Nomadic Octopus Nomadic Octopus used cmd.exe /c within a malicious macro. [201] S0346 OceanSalt OceanSalt can create a reverse shell on the infected endpoint using cmd.exe. [202] OceanSalt has b…

…cuted through luring victims into opening malicious documents. [126] [75] [127] G0133 Nomadic Octopus Nomadic Octopus as attempted to lure victims into clicking on malicious attachments within spearphishing emails. [128] [129] S0340 Octopus Octopus has relied upon users clicking …