FishMonger
MITRE G1010
Also known as Earth Lusca, TAG-22, Aquatic Panda, Red Dev 10, Bronze University, Charcoal Typhoon, RedHotel
Reports
3
First seen
May 20
Last seen
Jun 16
Motivation
espionage
Targeting
Sectors
government ×3
Top ATT&CK techniques
T1053.005 Scheduled Task/Job: Scheduled Task ×3
T1071.001 Application Layer Protocol: Web Protocols ×2
T1082 System Information Discovery ×2
T1059.003 Command and Scripting Interpreter: Windows Command Shell ×2
T1562.008 Impair Defenses: Disable or Modify Tools ×1
T1057 Process Discovery ×1
T1055.001 Process Injection: Dynamic-link Library Injection ×1
T1583.004 Acquire Infrastructure: Server ×1
T1014 Rootkit ×1
T1608.002 Stage Capabilities: Upload Tool ×1
T1547.012 Boot or Logon Autostart Execution: Print Processors ×1
T1218.009 System Binary Proxy Execution: Regsvcs/Regasm ×1
Indicators
filename ×31
ip_v4 ×8
cve ×2
domain ×2
registry_key ×2
hash_sha1 ×1
Indicator values are available on Pro and via the API.