APT-C-36 | APT Profile

Description

[APT-C-36](https://attack.mitre.org/groups/G0099) is a suspected South America espionage group that has been active since at least 2018. The group mainly targets Colombian government institutions as well as important corporations in the financial sector, petroleum industry, and professional manufacturing.(Citation: QiAnXin APT-C-36 Feb2019)

Techniques Used (TTPs)

T1204.002 — Malicious File (execution)
T1036.004 — Masquerade Task or Service (defense-evasion)
T1588.002 — Tool (resource-development)
T1027 — Obfuscated Files or Information (defense-evasion)
T1053.005 — Scheduled Task (execution, persistence, privilege-escalation)
T1105 — Ingress Tool Transfer (command-and-control)
T1059.005 — Visual Basic (execution)
T1571 — Non-Standard Port (command-and-control)
T1566.001 — Spearphishing Attachment (initial-access)

Total TTPs: 9

Malware & Tools

Tools: Imminent Monitor

← Return to Home ← Back to APT Search