Website

Index

1. Malware and Tools - techniques
2. Groups / Threat Actors - techniques)
3. All Techniques
4. Techniques popularity graph Top10 per tactic, excel
5. All data sources and components graph
6. Data source importance plot, excel
7. Mitigations importance plot, excel

Malware and Tools - techniques

• S0001 Trojan.Mebromi
• S0002 Mimikatz
• S0003 RIPTIDE
• S0004 TinyZBot
• S0005 Windows Credential Editor
• S0006 pwdump
• S0007 Skeleton Key
• S0008 gsecdump
• S0009 Hikit
• S0010 Lurid
• S0011 Taidoor
• S0012 PoisonIvy
• S0013 PlugX
• S0014 BS2005
• S0015 Ixeshe
• S0016 P2P ZeuS
• S0017 BISCUIT
• S0018 Sykipot
• S0019 Regin
• S0020 China Chopper
• S0021 Derusbi
• S0022 Uroburos
• S0023 CHOPSTICK
• S0024 Dyre
• S0025 CALENDAR
• S0026 GLOOXMAIL
• S0027 Zeroaccess
• S0028 SHIPSHAPE
• S0029 PsExec
• S0030 Carbanak
• S0031 BACKSPACE
• S0032 gh0st RAT
• S0033 NetTraveler
• S0034 NETEAGLE
• S0035 SPACESHIP
• S0036 FLASHFLOOD
• S0037 HAMMERTOSS
• S0038 Duqu
• S0039 Net
• S0040 HTRAN
• S0041 Wiper
• S0042 LOWBALL
• S0043 BUBBLEWRAP
• S0044 JHUHUGIT
• S0045 ADVSTORESHELL
• S0046 CozyCar
• S0047 Hacking Team UEFI Rootkit
• S0048 PinchDuke
• S0049 GeminiDuke
• S0050 CosmicDuke
• S0051 MiniDuke
• S0052 OnionDuke
• S0053 SeaDuke
• S0054 CloudDuke
• S0055 RARSTONE
• S0056 Net Crawler
• S0057 Tasklist
• S0058 SslMM
• S0059 WinMM
• S0060 Sys10
• S0061 HDoor
• S0062 DustySky
• S0063 SHOTPUT
• S0064 ELMER
• S0065 4H RAT
• S0066 3PARA RAT
• S0067 pngdowner
• S0068 httpclient
• S0069 BLACKCOFFEE
• S0070 HTTPBrowser
• S0071 hcdLoader
• S0072 OwaAuth
• S0073 ASPXSpy
• S0074 Sakula
• S0075 Reg
• S0076 FakeM
• S0077 CallMe
• S0078 Psylo
• S0079 MobileOrder
• S0080 Mivast
• S0081 Elise
• S0082 Emissary
• S0083 Misdat
• S0084 Mis-Type
• S0085 S-Type
• S0086 ZLib
• S0087 Hi-Zor
• S0088 Kasidet
• S0089 BlackEnergy
• S0090 Rover
• S0091 Epic
• S0092 Agent.btz
• S0093 Backdoor.Oldrea
• S0094 Trojan.Karagany
• S0095 FTP
• S0096 Systeminfo
• S0097 Ping
• S0098 T9000
• S0099 Arp
• S0100 ipconfig
• S0101 ifconfig
• S0102 nbtstat
• S0103 route
• S0104 netstat
• S0105 dsquery
• S0106 cmd
• S0107 Cherry Picker
• S0108 netsh
• S0109 WEBC2
• S0110 at
• S0111 schtasks
• S0112 ROCKBOOT
• S0113 Prikormka
• S0114 BOOTRASH
• S0115 Crimson
• S0116 UACMe
• S0117 XTunnel
• S0118 Nidiran
• S0119 Cachedump
• S0120 Fgdump
• S0121 Lslsass
• S0122 Pass-The-Hash Toolkit
• S0123 xCmd
• S0124 Pisloader
• S0125 Remsec
• S0126 ComRAT
• S0127 BBSRAT
• S0128 BADNEWS
• S0129 AutoIt backdoor
• S0130 Unknown Logger
• S0131 TINYTYPHON
• S0132 H1N1
• S0133 Miner-C
• S0134 Downdelph
• S0135 HIDEDRV
• S0136 USBStealer
• S0137 CORESHELL
• S0138 OLDBAIT
• S0139 PowerDuke
• S0140 Shamoon
• S0141 Winnti for Windows
• S0142 StreamEx
• S0143 Flame
• S0144 ChChes
• S0145 POWERSOURCE
• S0146 TEXTMATE
• S0147 Pteranodon
• S0148 RTM
• S0149 MoonWind
• S0150 POSHSPY
• S0151 HALFBAKED
• S0152 EvilGrab
• S0153 RedLeaves
• S0154 Cobalt Strike
• S0155 WINDSHIELD
• S0156 KOMPROGO
• S0157 SOUNDBITE
• S0158 PHOREAL
• S0159 SNUGRIDE
• S0160 certutil
• S0161 XAgentOSX
• S0162 Komplex
• S0163 Janicab
• S0164 TDTESS
• S0165 OSInfo
• S0166 RemoteCMD
• S0167 Matryoshka
• S0168 Gazer
• S0169 RawPOS
• S0170 Helminth
• S0171 Felismus
• S0172 Reaver
• S0173 FLIPSIDE
• S0174 Responder
• S0175 meek
• S0176 Wingbird
• S0177 Power Loader
• S0178 Truvasys
• S0179 MimiPenguin
• S0180 Volgmer
• S0181 FALLCHILL
• S0182 FinFisher
• S0183 Tor
• S0184 POWRUNER
• S0185 SEASHARPEE
• S0186 DownPaper
• S0187 Daserf
• S0188 Starloader
• S0189 ISMInjector
• S0190 BITSAdmin
• S0191 Winexe
• S0192 Pupy
• S0193 Forfiles
• S0194 PowerSploit
• S0195 SDelete
• S0196 PUNCHBUGGY
• S0197 PUNCHTRACK
• S0198 NETWIRE
• S0199 TURNEDUP
• S0200 Dipsind
• S0201 JPIN
• S0202 adbupd
• S0203 Hydraq
• S0204 Briba
• S0205 Naid
• S0206 Wiarp
• S0207 Vasport
• S0208 Pasam
• S0210 Nerex
• S0211 Linfo
• S0212 CORALDECK
• S0213 DOGCALL
• S0214 HAPPYWORK
• S0215 KARAE
• S0216 POORAIM
• S0217 SHUTTERSPEED
• S0218 SLOWDRIFT
• S0219 WINERACK
• S0220 Chaos
• S0221 Umbreon
• S0222 CCBkdr
• S0223 POWERSTATS
• S0224 Havij
• S0225 sqlmap
• S0226 Smoke Loader
• S0227 spwebmember
• S0228 NanHaiShu
• S0229 Orz
• S0230 ZeroT
• S0231 Invoke-PSImage
• S0232 HOMEFRY
• S0233 MURKYTOP
• S0234 Bandook
• S0235 CrossRAT
• S0236 Kwampirs
• S0237 GravityRAT
• S0238 Proxysvc
• S0239 Bankshot
• S0240 ROKRAT
• S0241 RATANKBA
• S0242 SynAck
• S0243 DealersChoice
• S0244 Comnie
• S0245 BADCALL
• S0246 HARDRAIN
• S0247 NavRAT
• S0248 yty
• S0249 Gold Dragon
• S0250 Koadic
• S0251 Zebrocy
• S0252 Brave Prince
• S0253 RunningRAT
• S0254 PLAINTEE
• S0255 DDKONG
• S0256 Mosquito
• S0257 VERMIN
• S0258 RGDoor
• S0259 InnaputRAT
• S0260 InvisiMole
• S0261 Catchamas
• S0262 QuasarRAT
• S0263 TYPEFRAME
• S0264 OopsIE
• S0265 Kazuar
• S0266 TrickBot
• S0267 FELIXROOT
• S0268 Bisonal
• S0269 QUADAGENT
• S0270 RogueRobin
• S0271 KEYMARBLE
• S0272 NDiskMonitor
• S0273 Socksbot
• S0274 Calisto
• S0275 UPPERCUT
• S0276 Keydnap
• S0277 FruitFly
• S0278 iKitten
• S0279 Proton
• S0280 MirageFox
• S0281 Dok
• S0282 MacSpy
• S0283 jRAT
• S0284 More_eggs
• S0330 Zeus Panda
• S0331 Agent Tesla
• S0332 Remcos
• S0333 UBoatRAT
• S0334 DarkComet
• S0335 Carbon
• S0336 NanoCore
• S0337 BadPatch
• S0338 Cobian RAT
• S0339 Micropsia
• S0340 Octopus
• S0341 Xbash
• S0342 GreyEnergy
• S0343 Exaramel for Windows
• S0344 Azorult
• S0345 Seasalt
• S0346 OceanSalt
• S0347 AuditCred
• S0348 Cardinal RAT
• S0349 LaZagne
• S0350 zwShell
• S0351 Cannon
• S0352 OSX_OCEANLOTUS.D
• S0353 NOKKI
• S0354 Denis
• S0355 Final1stspy
• S0356 KONNI
• S0357 Impacket
• S0358 Ruler
• S0359 Nltest
• S0360 BONDUPDATER
• S0361 Expand
• S0362 Linux Rabbit
• S0363 Empire
• S0364 RawDisk
• S0365 Olympic Destroyer
• S0366 WannaCry
• S0367 Emotet
• S0368 NotPetya
• S0369 CoinTicker
• S0370 SamSam
• S0371 POWERTON
• S0372 LockerGoga
• S0373 Astaroth
• S0374 SpeakUp
• S0375 Remexi
• S0376 HOPLIGHT
• S0377 Ebury
• S0378 PoshC2
• S0379 Revenge RAT
• S0380 StoneDrill
• S0381 FlawedAmmyy
• S0382 ServHelper
• S0383 FlawedGrace
• S0384 Dridex
• S0385 njRAT
• S0386 Ursnif
• S0387 KeyBoy
• S0388 YAHOYAH
• S0389 JCry
• S0390 SQLRat
• S0391 HAWKBALL
• S0393 PowerStallion
• S0394 HiddenWasp
• S0395 LightNeuron
• S0396 EvilBunny
• S0397 LoJax
• S0398 HyperBro
• S0400 RobbinHood
• S0401 Exaramel for Linux
• S0402 OSX-Shlayer
• S0404 esentutl
• S0409 Machete
• S0410 Fysbis
• S0412 ZxShell
• S0413 MailSniper
• S0414 BabyShark
• S0415 BOOSTWRITE
• S0416 RDFSNIFFER
• S0417 GRIFFON
• S0428 PoetRAT
• S0430 Winnti for Linux
• S0431 HotCroissant
• S0433 Rifdoor
• S0434 Imminent Monitor
• S0435 PLEAD
• S0436 TSCookie
• S0437 Kivars
• S0438 Attor
• S0439 Okrum
• S0441 PowerShower
• S0442 VBShower
• S0443 MESSAGETAP
• S0444 ShimRat
• S0445 ShimRatReporter
• S0446 Ryuk
• S0447 Lokibot
• S0448 Rising Sun
• S0449 Maze
• S0450 SHARPSTATS
• S0451 LoudMiner
• S0452 USBferry
• S0453 Pony
• S0454 Cadelspy
• S0455 Metamorfo
• S0456 Aria-body
• S0457 Netwalker
• S0458 Ramsay
• S0459 MechaFlounder
• S0460 Get2
• S0461 SDBbot
• S0462 CARROTBAT
• S0464 SYSCON
• S0465 CARROTBALL
• S0466 WindTail
• S0467 TajMahal
• S0468 Skidmap
• S0469 ABK
• S0470 BBK
• S0471 build_downer
• S0472 down_new
• S0473 Avenger
• S0475 BackConfig
• S0476 Valak
• S0477 Goopy
• S0481 Ragnar Locker
• S0482 Bundlore
• S0483 IcedID
• S0484 Carberp
• S0486 Bonadan
• S0487 Kessel
• S0488 CrackMapExec
• S0491 StrongPity
• S0492 CookieMiner
• S0493 GoldenSpy
• S0495 RDAT
• S0496 REvil
• S0497 Dacls
• S0498 Cryptoistic
• S0499 Hancitor
• S0500 MCMD
• S0501 PipeMon
• S0502 Drovorub
• S0503 FrameworkPOS
• S0504 Anchor
• S0508 Ngrok
• S0511 RegDuke
• S0512 FatDuke
• S0513 LiteDuke
• S0514 WellMess
• S0515 WellMail
• S0516 SoreFang
• S0517 Pillowmint
• S0518 PolyglotDuke
• S0519 SYNful Knock
• S0520 BLINDINGCAN
• S0521 BloodHound
• S0526 KGH_SPY
• S0527 CSPY Downloader
• S0528 Javali
• S0530 Melcoz
• S0531 Grandoreiro
• S0532 Lucifer
• S0533 SLOTHFULMEDIA
• S0534 Bazar
• S0537 HyperStack
• S0538 Crutch
• S0543 Spark
• S0546 SharpStage
• S0547 DropBook
• S0552 AdFind
• S0553 MoleNet
• S0554 Egregor
• S0556 Pay2Key
• S0559 SUNBURST
• S0560 TEARDROP
• S0561 GuLoader
• S0562 SUNSPOT
• S0564 BlackMould
• S0565 Raindrop
• S0567 Dtrack
• S0568 EVILNUM
• S0569 Explosive
• S0570 BitPaymer
• S0572 Caterpillar WebShell
• S0574 BendyBear
• S0575 Conti
• S0576 MegaCortex
• S0578 SUPERNOVA
• S0579 Waterbear
• S0581 IronNetInjector
• S0582 LookBack
• S0583 Pysa
• S0584 AppleJeus
• S0585 Kerrdown
• S0586 TAINTEDSCRIBE
• S0587 Penquin
• S0588 GoldMax
• S0589 Sibot
• S0590 NBTscan
• S0591 ConnectWise
• S0592 RemoteUtilities
• S0593 ECCENTRICBANDWAGON
• S0594 Out1
• S0595 ThiefQuest
• S0596 ShadowPad
• S0597 GoldFinder
• S0598 P.A.S. Webshell
• S0599 Kinsing
• S0600 Doki
• S0601 Hildegard
• S0603 Stuxnet
• S0604 Industroyer
• S0605 EKANS
• S0606 Bad Rabbit
• S0607 KillDisk
• S0608 Conficker
• S0609 TRITON
• S0610 SideTwist
• S0611 Clop
• S0612 WastedLocker
• S0613 PS1
• S0614 CostaBricks
• S0615 SombRAT
• S0616 DEATHRANSOM
• S0617 HELLOKITTY
• S0618 FIVEHANDS
• S0622 AppleSeed
• S0623 Siloscape
• S0624 Ecipekac
• S0625 Cuba
• S0626 P8RAT
• S0627 SodaMaster
• S0628 FYAnti
• S0629 RainyDay
• S0630 Nebulae
• S0631 Chaes
• S0632 GrimAgent
• S0633 Sliver
• S0634 EnvyScout
• S0635 BoomBox
• S0636 VaporRage
• S0637 NativeZone
• S0638 Babuk
• S0639 Seth-Locker
• S0640 Avaddon
• S0641 Kobalos
• S0642 BADFLICK
• S0643 Peppy
• S0644 ObliqueRAT
• S0645 Wevtutil
• S0646 SpicyOmelette
• S0647 Turian
• S0648 JSS Loader
• S0649 SMOKEDHAM
• S0650 QakBot
• S0651 BoxCaon
• S0652 MarkiRAT
• S0653 xCaon
• S0654 ProLock
• S0657 BLUELIGHT
• S0658 XCSSET

Threat Actors - techniques

• G0001 Axiom
• G0002 Moafee
• G0003 Cleaver
• G0004 Ke3chang
• G0005 APT12
• G0006 APT1
• G0007 APT28
• G0008 Carbanak
• G0009 Deep Panda
• G0010 Turla
• G0011 PittyTiger
• G0012 Darkhotel
• G0013 APT30
• G0014 Night Dragon
• G0015 Taidoor
• G0016 APT29
• G0017 DragonOK
• G0018 admin@338
• G0019 Naikon
• G0020 Equation
• G0021 Molerats
• G0022 APT3
• G0023 APT16
• G0024 Putter Panda
• G0025 APT17
• G0026 APT18
• G0027 Threat Group-3390
• G0028 Threat Group-1314
• G0029 Scarlet Mimic
• G0030 Lotus Blossom
• G0031 Dust Storm
• G0032 Lazarus Group
• G0033 Poseidon Group
• G0034 Sandworm Team
• G0035 Dragonfly
• G0036 GCMAN
• G0037 FIN6
• G0038 Stealth Falcon
• G0039 Suckfly
• G0040 Patchwork
• G0041 Strider
• G0043 Group5
• G0044 Winnti Group
• G0045 menuPass
• G0046 FIN7
• G0047 Gamaredon Group
• G0048 RTM
• G0049 OilRig
• G0050 APT32
• G0051 FIN10
• G0052 CopyKittens
• G0053 FIN5
• G0054 Sowbug
• G0055 NEODYMIUM
• G0056 PROMETHIUM
• G0058 Charming Kitten
• G0059 Magic Hound
• G0060 BRONZE BUTLER
• G0061 FIN8
• G0062 TA459
• G0063 BlackOasis
• G0064 APT33
• G0065 Leviathan
• G0066 Elderwood
• G0067 APT37
• G0068 PLATINUM
• G0069 MuddyWater
• G0070 Dark Caracal
• G0071 Orangeworm
• G0072 Honeybee
• G0073 APT19
• G0074 Dragonfly 2.0
• G0075 Rancor
• G0076 Thrip
• G0077 Leafminer
• G0078 Gorgon Group
• G0079 DarkHydrus
• G0080 Cobalt Group
• G0081 Tropic Trooper
• G0082 APT38
• G0083 SilverTerrier
• G0084 Gallmaker
• G0085 FIN4
• G0087 APT39
• G0088 TEMP.Veles
• G0089 The White Company
• G0090 WIRTE
• G0091 Silence
• G0092 TA505
• G0093 GALLIUM
• G0094 Kimsuky
• G0095 Machete
• G0096 APT41
• G0097 Bouncing Golf
• G0098 BlackTech
• G0099 APT-C-36
• G0100 Inception
• G0101 Frankenstein
• G0102 Wizard Spider
• G0103 Mofang
• G0104 Sharpshooter
• G0105 DarkVishnya
• G0106 Rocke
• G0107 Whitefly
• G0108 Blue Mockingbird
• G0112 Windshift
• G0114 Chimera
• G0115 GOLD SOUTHFIELD
• G0116 Operation Wocao
• G0117 Fox Kitten
• G0119 Indrik Spider
• G0120 Evilnum
• G0121 Sidewinder
• G0122 Silent Librarian
• G0123 Volatile Cedar
• G0124 Windigo
• G0125 HAFNIUM
• G0126 Higaisa
• G0127 TA551
• G0128 ZIRCONIUM
• G0129 Mustang Panda
• G0130 Ajax Security Team
• G0131 Tonto Team
• G0132 CostaRicto
• G0133 Nomadic Octopus
• G0134 Transparent Tribe
• G0135 BackdoorDiplomacy
• G0136 IndigoZebra
• G0137 Ferocious Kitten
• G0138 Andariel
• G0139 TeamTNT