Moonstone Sleet
MITRE
Tipo:
Unknown
Unknown
Paese:
Unknown
Unknown
Prima attivita:
Unknown
Unknown
Dettagli:
[Moonstone Sleet](https://attack.mitre.org/groups/G1036) is a North Korean-linked threat actor executing both financially motivated attacks and espionage operations. The group previously overlapped significantly with another North Korean-linked entity, [Lazarus Group](https://attack.mitre.org/groups/G0032), but has differentiated its tradecraft since 2023. [Moonstone Sleet](https://attack.mitre.org/groups/G1036) is notable for creating fake companies and personas to interact with victim entities, as well as developing unique malware such as a variant delivered via a fully functioning game.(Citation: Microsoft Moonstone Sleet 2024)
MITRE ATT&CK:
View on MITRE
Tecniche Utilizzate (30)
| ID | ATT&CK | Tattiche |
|---|---|---|
| T1003.001 | LSASS Memory | - |
| T1016 | System Network Configuration Discovery | - |
| T1027 | Obfuscated Files or Information | - |
| T1027.009 | Embedded Payloads | - |
| T1027.013 | Encrypted/Encoded File | - |
| T1033 | System Owner/User Discovery | - |
| T1053.005 | Scheduled Task | - |
| T1071.001 | Web Protocols | - |
| T1082 | System Information Discovery | - |
| T1105 | Ingress Tool Transfer | - |
| T1140 | Deobfuscate/Decode Files or Information | - |
| T1195.002 | Compromise Software Supply Chain | - |
| T1204.002 | Malicious File | - |
| T1217 | Browser Information Discovery | - |
| T1486 | Data Encrypted for Impact | - |
Alias (105)
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Storm-1789
Malware Utilizzato (1)
Metadata
| ID: | 918 |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 16:00 |