UNC3886
MISP
Type:
Unknown
Country:
CN
First activity:
Unknown
Details:
[UNC3886](https://attack.mitre.org/groups/G1048) is a China-nexus cyberespionage group that has been active since at least 2022, targeting defense, technology, and telecommunication organizations located in the United States and the Asia-Pacific-Japan (APJ) regions. [UNC3886](https://attack.mitre.org/groups/G1048) has displayed a deep understanding of edge devices and virtualization technologies through the exploitation of zero-day vulnerabilities and the use of novel malware families and utilities.(Citation: Mandiant Fortinet Zero Day)(Citation: Google Cloud Threat Intelligence VMWare ESXi Zero-Day 2023)
MITRE ATT&CK:
View on MITRE
Techniques Used (49)
| ID | ATT&CK | Tactics |
|---|---|---|
| T1003.001 | LSASS Memory | - |
| T1008 | Fallback Channels | - |
| T1014 | Rootkit | - |
| T1021.004 | SSH | - |
| T1027.005 | Indicator Removal from Tools | - |
| T1036.004 | Masquerade Task or Service | - |
| T1037 | Boot or Logon Initialization Scripts | - |
| T1037.004 | RC Scripts | - |
| T1040 | Network Sniffing | - |
| T1057 | Process Discovery | - |
| T1059.001 | PowerShell | - |
| T1059.003 | Windows Command Shell | - |
| T1059.004 | Unix Shell | - |
| T1059.006 | Python | - |
| T1059.012 | Hypervisor CLI | - |
Malware Used (8)
Metadata
| ID: | 439 |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 04:00 |