Malware: Mivast

Description

[Mivast](https://attack.mitre.org/software/S0080) is a backdoor that has been used by [Deep Panda](https://attack.mitre.org/groups/G0009). It was reportedly used in the Anthem breach. (Citation: Symantec Black Vine)

External References

• mitre-attack
• Symantec Black Vine
• Symantec Backdoor.Mivast

Techniques Used by This Malware

• T1003.002 — Security Account Manager
• T1059.003 — Windows Command Shell
• T1105 — Ingress Tool Transfer
• T1547.001 — Registry Run Keys / Startup Folder

APT Groups Using This Malware

• Deep Panda