Mofang
Associated Group Descriptions |
|
Name | Description |
---|---|
Techniques Used |
||||
Domain | ID | Name | Use | |
---|---|---|---|---|
Enterprise | T1027 | .013 | Obfuscated Files or Information: Encrypted/Encoded File |
Mofang has compressed the ShimRat executable within malicious email attachments. Mofang has also encrypted payloads before they are downloaded to victims.(Citation: FOX-IT May 2016 Mofang) |
Enterprise | T1566 | .001 | Phishing: Spearphishing Attachment |
Mofang delivered spearphishing emails with malicious documents, PDFs, or Excel files attached.(Citation: FOX-IT May 2016 Mofang) |
.002 | Phishing: Spearphishing Link |
Mofang delivered spearphishing emails with malicious links included.(Citation: FOX-IT May 2016 Mofang) |
||
Enterprise | T1204 | .001 | User Execution: Malicious Link |
Mofang's spearphishing emails required a user to click the link to connect to a compromised website.(Citation: FOX-IT May 2016 Mofang) |
.002 | User Execution: Malicious File |
Mofang's malicious spearphishing attachments required a user to open the file after receiving.(Citation: FOX-IT May 2016 Mofang) |
Мы используем cookie-файлы, чтобы получить статистику, которая помогает нам улучшить сервис для вас с целью персонализации сервисов и предложений. Вы может прочитать подробнее о cookie-файлах или изменить настройки браузера. Продолжая пользоваться сайтом, вы даёте согласие на использование ваших cookie-файлов и соглашаетесь с Политикой обработки персональных данных.