admin@338
MITRE
Type:
Unknown
Country:
Unknown
First activity:
Unknown
Details:
[admin@338](https://attack.mitre.org/groups/G0018) is a China-based cyber threat group. It has previously used newsworthy events as lures to deliver malware and has primarily targeted organizations involved in financial, economic, and trade policy, typically using publicly available RATs such as [PoisonIvy](https://attack.mitre.org/software/S0012), as well as some non-public backdoors. (Citation: FireEye admin@338)
Techniques Used (12)
| ID | ATT&CK | Tactics |
|---|---|---|
| T1007 | System Service Discovery | - |
| T1016 | System Network Configuration Discovery | - |
| T1036.005 | Match Legitimate Resource Name or Location | - |
| T1049 | System Network Connections Discovery | - |
| T1059.003 | Windows Command Shell | - |
| T1069.001 | Local Groups | - |
| T1082 | System Information Discovery | - |
| T1083 | File and Directory Discovery | - |
| T1087.001 | Local Account | - |
| T1203 | Exploitation for Client Execution | - |
| T1204.002 | Malicious File | - |
| T1566.001 | Spearphishing Attachment | - |
Malware Used (7)
Metadata
| ID: | 875 |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 04:00 |