RTM

MISP

Type:
Unknown

Country:
Unknown

First seen:
Unknown

Details:

[RTM](https://attack.mitre.org/groups/G0048) is a cybercriminal group that has been active since at least 2015 and is primarily interested in users of remote banking systems in Russia and neighboring countries. The group uses a Trojan by the same name ([RTM](https://attack.mitre.org/software/S0148)). (Citation: ESET RTM Feb 2017)

MITRE ATT&CK: View on MITRE

Techniques Used (7)

ID	ATT&CK	Tactics
T1102.001	Dead Drop Resolver	-
T1189	Drive-by Compromise	-
T1204.002	Malicious File	-
T1219.002	Remote Desktop Software	-
T1547.001	Registry Run Keys / Startup Folder	-
T1566.001	Spearphishing Attachment	-
T1574.001	DLL	-

References (2)

Aliases (196)

G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048 G0048

Related Malware (1)

RTM
other

Metadata

ID:	240
Created:	13/01/2026 17:48
Updated:	21/04/2026 16:00