Cервис управления информационной безопасностью
Cервис управления информационной безопасностью
Вход Регистрация
MITRE ATT&CK - Инструмент Nltest
CVE уязвимости
БДУ ФСТЭК уязвимости
НКЦКИ уязвимости
MITRE ATT&CK
БДУ ФСТЭК
Новая БДУ ФСТЭК
Риски
Каталоги
MITRE ATT&CK
Инструмент
Nltest
Куда я попал?
SECURITM это SGRC система, ? автоматизирующая процессы в службах информационной безопасности. SECURITM помогает построить и управлять ИСПДн, КИИ, ГИС, СМИБ/СУИБ, банковскими системами защиты.
А еще SECURITM это место для обмена опытом и наработками для служб безопасности.
Подробнее
Наш канал

Nltest

Nltest is a Windows command-line utility used to list domain controllers and enumerate domain trusts.(Citation: Nltest Manual)
ID: S0359
Type: TOOL
Platforms: Windows
Version: 1.3
Created: 14 Feb 2019
Last Modified: 25 Sep 2024

Groups That Use This Software
ID Name References
G1040 Play

(Citation: Trend Micro Ransomware Spotlight Play July 2023)

G0102 Wizard Spider

(Citation: Red Canary Hospital Thwarted Ryuk October 2020) (Citation: FireEye KEGTAP SINGLEMALT October 2020) (Citation: Sophos New Ryuk Attack October 2020) (Citation: Mandiant FIN12 Oct 2021) (Citation: DFIR Ryuk 2 Hour Speed Run November 2020) (Citation: DFIR Ryuk in 5 Hours October 2020) (Citation: DFIR Ryuk's Return October 2020)

G1032 INC Ransom

(Citation: Huntress INC Ransom Group August 2023)

G0061 FIN8

(Citation: Bitdefender FIN8 July 2021)

G1006 Earth Lusca

(Citation: TrendMicro EarthLusca 2022)

G1017 Volt Typhoon

(Citation: CISA AA24-038A PRC Critical Infrastructure February 2024) (Citation: Secureworks BRONZE SILHOUETTE May 2023)

References

  1. ss64. (n.d.). NLTEST.exe - Network Location Test. Retrieved February 14, 2019.
  2. Trend Micro Research. (2023, July 21). Ransomware Spotlight: Play. Retrieved September 24, 2024.
  3. Brian Donohue, Katie Nickels, Paul Michaud, Adina Bodkins, Taylor Chapman, Tony Lambert, Jeff Felling, Kyle Rainey, Mike Haag, Matt Graeber, Aaron Didier.. (2020, October 29). A Bazar start: How one hospital thwarted a Ryuk ransomware outbreak. Retrieved October 30, 2020.
  4. Kimberly Goody, Jeremy Kennelly, Joshua Shilko, Steve Elovitz, Douglas Bienstock. (2020, October 28). Unhappy Hour Special: KEGTAP and SINGLEMALT With a Ransomware Chaser. Retrieved October 28, 2020.
  5. Sean Gallagher, Peter Mackenzie, Elida Leite, Syed Shahram, Bill Kearney, Anand Aijan, Sivagnanam Gn, Suraj Mundalik. (2020, October 14). They’re back: inside a new Ryuk ransomware attack. Retrieved October 14, 2020.
  6. Shilko, J., et al. (2021, October 7). FIN12: The Prolific Ransomware Intrusion Threat Actor That Has Aggressively Pursued Healthcare Targets. Retrieved June 15, 2023.
  7. The DFIR Report. (2020, November 5). Ryuk Speed Run, 2 Hours to Ransom. Retrieved November 6, 2020.
  8. The DFIR Report. (2020, October 18). Ryuk in 5 Hours. Retrieved October 19, 2020.
  9. The DFIR Report. (2020, October 8). Ryuk’s Return. Retrieved October 9, 2020.
  10. Team Huntress. (2023, August 11). Investigating New INC Ransom Group Activity. Retrieved June 5, 2024.
  11. Bacurio Jr., F. and Salvio, J. (2018, April 9). Trickbot’s New Reconnaissance Plugin. Retrieved February 14, 2019.
  12. Martin Zugec. (2021, July 27). Deep Dive Into a FIN8 Attack - A Forensic Investigation. Retrieved September 1, 2021.
  13. Chen, J., et al. (2022). Delving Deep: An Analysis of Earth Lusca’s Operations. Retrieved July 1, 2022.
  14. CISA et al.. (2024, February 7). PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure. Retrieved May 15, 2024.
  15. Counter Threat Unit Research Team. (2023, May 24). Chinese Cyberespionage Group BRONZE SILHOUETTE Targets U.S. Government and Defense Organizations. Retrieved July 27, 2023.
Навигация

Мы используем cookie-файлы, чтобы получить статистику, которая помогает нам улучшить сервис для вас с целью персонализации сервисов и предложений. Вы может прочитать подробнее о cookie-файлах или изменить настройки браузера. Продолжая пользоваться сайтом, вы даёте согласие на использование ваших cookie-файлов и соглашаетесь с Политикой обработки персональных данных.