TTPs for 8base




| Execution (TA0002) | Persistence (TA0003) | Privilege Escalation (TA0004) | Defense Evasion (TA0005) | Credential Access (TA0006) | Discovery (TA0007) | Lateral Movement (TA0008) | Collection (TA0009) | Impact (TA0040) |
|---|---|---|---|---|---|---|---|---|
| Scheduled Task/Job (T1053) | Scheduled Task/Job (T1053) | Scheduled Task/Job (T1053) | Obfuscated Files or Information (T1027) | OS Credential Dumping (T1003) | Process Discovery (T1057) | Taint Shared Content (T1080) | Data from Local System (T1005) | Inhibit System Recovery (T1490) |
| Command and Scripting Interpreter (T1059) | Boot or Logon Autostart Execution (T1547) | Boot or Logon Autostart Execution (T1547) | Modify Registry (T1112) | Input Capture (T1056) | Network Share Discovery (T1135) | | Data Staged (T1074) | Data Encrypted for Impact (T1486) |
| Shared Modules (T1129) | Registry Run Keys/Startup Folder (T1547.001) | Registry Run Keys/Startup Files (T1547.001) | Indirect Command Execution (T1202) | | System Information Discovery (T1082) | | Input Capture (T1056) | Data Destruction (T1485) |
| | | Token Impersonation/Theft (T1134.001) | Software Packing (T1027.002) | | File and Directory Discovery (T1083) | | | |
| | | | Masquerading (T1036) | | Virtualization/Sandbox Evasion (T1497) | | | |
| | | | Hidden Files and Directories (T1564.001) | | Security Software Discovery (T1518.001) | | | |
| | | | File Deletion (T1070.004) | | | | | |
| | | | Virtualization/Sandbox Evasion (T1497) | | | | | |
| | | | Disable or Modify Tools (T1562.001) | | | | | |

This information is provided by Crocodyli or Ransomware.live