admin@338
MITRE
Type: Unknown
Country: Unknown
First seen: Unknown
Details:
[admin@338](https://attack.mitre.org/groups/G0018) is a China-based cyber threat group. It has previously used newsworthy events as lures to deliver malware and has primarily targeted organizations involved in financial, economic, and trade policy, typically using publicly available RATs such as [PoisonIvy](https://attack.mitre.org/software/S0012), as well as some non-public backdoors. (Citation: FireEye admin@338)
Techniques Used (12)
| ID | Technique | Tactics |
|---|---|---|
| T1007 | System Service Discovery | - |
| T1016 | System Network Configuration Discovery | - |
| T1036.005 | Match Legitimate Resource Name or Location | - |
| T1049 | System Network Connections Discovery | - |
| T1059.003 | Windows Command Shell | - |
| T1069.001 | Local Groups | - |
| T1082 | System Information Discovery | - |
| T1083 | File and Directory Discovery | - |
| T1087.001 | Local Account | - |
| T1203 | Exploitation for Client Execution | - |
| T1204.002 | Malicious File | - |
| T1566.001 | Spearphishing Attachment | - |
Related Malware (7)
Metadata
| ID: | 875 |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 04:00 |