Description
[StrongPity](https://attack.mitre.org/software/S0491) is an information stealing malware used by [PROMETHIUM](https://attack.mitre.org/groups/G0056).(Citation: Bitdefender StrongPity June 2020)(Citation: Talos Promethium June 2020)
External References
Techniques Used by This Malware
- T1016 — System Network Configuration Discovery
- T1020 — Automated Exfiltration
- T1027.013 — Encrypted/Encoded File
- T1036.004 — Masquerade Task or Service
- T1036.005 — Match Legitimate Resource Name or Location
- T1041 — Exfiltration Over C2 Channel
- T1057 — Process Discovery
- T1059.001 — PowerShell
- T1070.004 — File Deletion
- T1071.001 — Web Protocols
- T1082 — System Information Discovery
- T1083 — File and Directory Discovery
- T1090.003 — Multi-hop Proxy
- T1105 — Ingress Tool Transfer
- T1119 — Automated Collection
- T1204.002 — Malicious File
- T1518.001 — Security Software Discovery
- T1543.003 — Windows Service
- T1547.001 — Registry Run Keys / Startup Folder
- T1553.002 — Code Signing
- T1560.003 — Archive via Custom Method
- T1562.001 — Disable or Modify Tools
- T1564.003 — Hidden Window
- T1569.002 — Service Execution
- T1571 — Non-Standard Port
- T1573.002 — Asymmetric Cryptography