SILENTTRINITY
MITRE
Malware Type:
Tool
Tool
First seen:
Unknown
Unknown
Last seen:
Unknown
Unknown
Details:
[SILENTTRINITY](https://attack.mitre.org/software/S0692) is an open source remote administration and post-exploitation framework primarily written in Python that includes stagers written in Powershell, C, and Boo. [SILENTTRINITY](https://attack.mitre.org/software/S0692) was used in a 2019 campaign against Croatian government agencies by unidentified cyber actors.(Citation: GitHub SILENTTRINITY March 2022)(Citation: Security Affairs SILENTTRINITY July 2019)
Associated Techniques (53)
| ID | ATT&CK | Tactics |
|---|---|---|
| T1003.001 | LSASS Memory | - |
| T1007 | System Service Discovery | - |
| T1010 | Application Window Discovery | - |
| T1012 | Query Registry | - |
| T1018 | Remote System Discovery | - |
| T1021.003 | Distributed Component Object Model | - |
| T1021.006 | Windows Remote Management | - |
| T1033 | System Owner/User Discovery | - |
| T1041 | Exfiltration Over C2 Channel | - |
| T1046 | Network Service Discovery | - |
| T1047 | Windows Management Instrumentation | - |
| T1055 | Process Injection | - |
| T1056.001 | Keylogging | - |
| T1056.002 | GUI Input Capture | - |
| T1057 | Process Discovery | - |
Metadata
| ID: | 705 |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 16:00 |