Skip to content

[Intel]: https://sansec.io/research/nginrat #94

New issue
New issue
Open
Open
[Intel]: https://sansec.io/research/nginrat#94
Assignees
timb-machine
Labels
missing:tag:Non-persistentStoragemissing:tag:T1005missing:tag:T1048missing:tag:T1053.003missing:tag:T1057missing:tag:T1071.001missing:tag:T1083missing:tag:T1205missing:tag:T1491missing:tag:T1546.004missing:tag:T1548.003missing:tag:T1567missing:tag:T1573missing:tag:T1574.006missing:tag:T1574.007missing:tag:T1590
@timb-machine

Description

@timb-machine
timb-machine
opened on Apr 19, 2022

Area

Malware reports

Parent threat

Defense Evasion

Finding

https://sansec.io/research/nginrat

Industry reference

uses:Non-persistentStorage
attack:T1036.005:Match Legitimate Name or Location
attack:T1574.006:Dynamic Linker Hijacking
attack:T1027:Obfuscated Files or Information
uses:ProcessTreeSpoofing

Malware reference

NginRAT
wltm

Actor reference

No response

Component

No response

Scenario

No response

Metadata

Metadata