Leafminer
MITRE
Type: Unknown
Country: Unknown
First seen: Unknown
Details:
[Leafminer](https://attack.mitre.org/groups/G0077) is an Iranian threat group that has targeted government organizations and business entities in the Middle East since at least early 2017. (Citation: Symantec Leafminer July 2018)
Techniques Used (17)
| ID | ATT&CK | Tactics |
|---|---|---|
| T1003.001 | LSASS Memory | - |
| T1003.004 | LSA Secrets | - |
| T1003.005 | Cached Domain Credentials | - |
| T1018 | Remote System Discovery | - |
| T1027.010 | Command Obfuscation | - |
| T1046 | Network Service Discovery | - |
| T1055.013 | Process Doppelgänging | - |
| T1059.007 | JavaScript | - |
| T1083 | File and Directory Discovery | - |
| T1110.003 | Password Spraying | - |
| T1114.002 | Remote Email Collection | - |
| T1136.001 | Local Account | - |
| T1189 | Drive-by Compromise | - |
| T1552.001 | Credentials In Files | - |
| T1555 | Credentials from Password Stores | - |
Aliases (105)
Raspite
Related Malware (4)
Metadata
| ID: | 885 |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 16:00 |