UNC5221

MITRE: G1031
Also known as: VerdantBamboo
Reports: 3
First seen: May 28
Last seen: Jun 5
Motivation: espionage

Targeting

Sectors: government ×1
Victim regions: United States ×1

Top ATT&CK techniques

T1078 Valid Accounts ×2
T1041 Exfiltration Over C2 Channel ×2
T1133 External Remote Services ×2
T1071.001 Application Layer Protocol: Web Protocols ×2
T1190 Exploit Public-Facing Application ×2
T1566 Phishing ×2
T1218.009 System Binary Proxy Execution: Regsvcs/Regasm ×1
T1562.008 Impair Defenses: Disable or Modify Tools ×1
T1570 Lateral Tool Transfer ×1
T1027 Obfuscated Files or Information ×1
T1204.002 User Execution: Malicious File ×1
T1021.004 Remote Services: SSH ×1

Indicators

filename ×2

Recent reports

This page shows data on a 7-day delay.