FIN8

MISP
Tipo:
Unknown
Paese:
Unknown
Prima attivita:
Unknown
Dettagli:

[FIN8](https://attack.mitre.org/groups/G0061) is a financially motivated threat group that has been active since at least January 2016, and known for targeting organizations in the hospitality, retail, entertainment, insurance, technology, chemical, and financial sectors. In June 2021, security researchers detected [FIN8](https://attack.mitre.org/groups/G0061) switching from targeting point-of-sale (POS) devices to distributing a number of ransomware variants.(Citation: FireEye Obfuscation June 2017)(Citation: FireEye Fin8 May 2016)(Citation: Bitdefender Sardonic Aug 2021)(Citation: Symantec FIN8 Jul 2023)

MITRE ATT&CK: View on MITRE
Tecniche Utilizzate (36)
ID ATT&CK Tattiche
T1003.001 LSASS Memory -
T1016.001 Internet Connection Discovery -
T1018 Remote System Discovery -
T1021.001 Remote Desktop Protocol -
T1021.002 SMB/Windows Admin Shares -
T1027.010 Command Obfuscation -
T1033 System Owner/User Discovery -
T1047 Windows Management Instrumentation -
T1048.003 Exfiltration Over Unencrypted Non-C2 Protocol -
T1053.005 Scheduled Task -
T1055.004 Asynchronous Procedure Call -
T1059.001 PowerShell -
T1059.003 Windows Command Shell -
T1068 Exploitation for Privilege Escalation -
T1070.001 Clear Windows Event Logs -
Riferimenti (6)
Alias (310)
ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx ATK113 G0061 Syssphinx
Malware Utilizzato (11)
BADHATCH
other
dsquery
tool
Impacket
tool
Net
tool
Nltest
tool
Ping
tool
PsExec
tool
PUNCHBUGGY
other
PUNCHTRACK
other
Ragnar Locker
other
Metadata
ID: 115
Created: 13/01/2026 17:48
Updated: 06/03/2026 04:00