netsh
Associated Software Descriptions |
|
Name | Description |
---|
Groups That Use This Software |
||
ID | Name | References |
---|---|---|
G1017 | Volt Typhoon |
(Citation: CISA AA24-038A PRC Critical Infrastructure February 2024) (Citation: Microsoft Volt Typhoon May 2023) (Citation: Joint Cybersecurity Advisory Volt Typhoon June 2023) |
G0074 | Dragonfly 2.0 |
(Citation: US-CERT TA18-074A) |
G0019 | Naikon |
(Citation: Baumgartner Naikon 2015) |
G0050 | APT32 |
(Citation: Cybereason Cobalt Kitty 2017) |
G0059 | Magic Hound |
(Citation: DFIR Report APT35 ProxyShell March 2022) |
G0032 | Lazarus Group |
(Citation: Novetta Blockbuster Loaders) |
G0008 | Carbanak |
(Citation: Group-IB Anunak) |
G0035 | Dragonfly |
(Citation: US-CERT TA18-074A) |
References
- NSA et al. (2023, May 24). People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection. Retrieved July 27, 2023.
- Kaspersky Lab's Global Research and Analysis Team. (2017, February 8). Fileless attacks against enterprise networks. Retrieved February 8, 2017.
- Demaske, M. (2016, September 23). USING NETSHELL TO EXECUTE EVIL DLLS AND PERSIST ON A HOST. Retrieved April 8, 2017.
- CISA et al.. (2024, February 7). PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure. Retrieved May 15, 2024.
- Microsoft. (2009, June 3). Netsh Commands for Windows Firewall. Retrieved April 20, 2016.
- Microsoft. (n.d.). Using Netsh. Retrieved February 13, 2017.
- Microsoft Threat Intelligence. (2023, May 24). Volt Typhoon targets US critical infrastructure with living-off-the-land techniques. Retrieved July 27, 2023.
Мы используем cookie-файлы, чтобы получить статистику, которая помогает нам улучшить сервис для вас с целью персонализации сервисов и предложений. Вы может прочитать подробнее о cookie-файлах или изменить настройки браузера. Продолжая пользоваться сайтом, вы даёте согласие на использование ваших cookie-файлов и соглашаетесь с Политикой обработки персональных данных.