Description
[LitePower](https://attack.mitre.org/software/S0680) is a downloader and second stage malware that has been used by [WIRTE](https://attack.mitre.org/groups/G0090) since at least 2021.(Citation: Kaspersky WIRTE November 2021)
External References
Techniques Used by This Malware
- T1012 — Query Registry
- T1033 — System Owner/User Discovery
- T1041 — Exfiltration Over C2 Channel
- T1053.005 — Scheduled Task
- T1059.001 — PowerShell
- T1071.001 — Web Protocols
- T1082 — System Information Discovery
- T1105 — Ingress Tool Transfer
- T1106 — Native API
- T1113 — Screen Capture
- T1518.001 — Security Software Discovery