ScarCruft
MITRE G0034
Also known as APT37, Reaper
Reports
3
First seen
May 5
Last seen
Jun 16
Motivation
espionage
Targeting
Victim regions
China ×1
Top ATT&CK techniques
T1059.003 Command and Scripting Interpreter: Windows Command Shell ×2
T1041 Exfiltration Over C2 Channel ×2
T1113 Screen Capture ×1
T1102.002 Web Service: Bidirectional Communication ×1
T1584.004 Compromise Infrastructure: Server ×1
T1555 Credentials from Password Stores ×1
T1110 Brute Force ×1
T1021 Remote Services ×1
T1566.002 Phishing: Spearphishing Link ×1
T1566.001 Phishing: Spearphishing Attachment ×1
T1078 Valid Accounts ×1
T1053.005 Scheduled Task/Job: Scheduled Task ×1
Indicators
email ×12
domain ×11
ip_v4 ×7
url ×5
filename ×2
hash_md5 ×1
hash_sha1 ×1