Threat actors known for targeting the financial services industry in Spain.

APT-C-36
Main techniques used
  • Command and Scripting Interpreter
  • Ingress Tool Transfer
  • Masquerading
  • Non-Standard Port
  • Obfuscated Files or Information
  • Obtain Capabilities
  • Phishing
  • Scheduled Task/Job
  • User Execution
APT5
Main techniques used
  • Account Manipulation
  • Archive Collected Data
  • Command and Scripting Interpreter
  • Compromise Host Software Binary
  • Create Account
  • Data Staged
  • Exploit Public-Facing Application
  • File and Directory Discovery
  • Impair Defenses
  • Indicator Removal
  • Input Capture
  • Log Enumeration
  • Masquerading
  • OS Credential Dumping
  • Process Discovery
  • Process Injection
  • Remote Services
  • Scheduled Task/Job
  • Server Software Component
  • System Network Connections Discovery
  • Valid Accounts
FIN4
Main techniques used
  • Application Layer Protocol
  • Command and Scripting Interpreter
  • Email Collection
  • Hide Artifacts
  • Input Capture
  • Phishing
  • Proxy
  • User Execution
  • Valid Accounts
Malteiro
Main techniques used
  • Command and Scripting Interpreter
  • Credentials from Password Stores
  • Deobfuscate/Decode Files or Information
  • Financial Theft
  • Obfuscated Files or Information
  • Phishing
  • Process Injection
  • Software Discovery
  • System Information Discovery
  • System Location Discovery
  • User Execution
TA577
Main techniques used
  • Command and Scripting Interpreter
  • Compromise Accounts
  • Obfuscated Files or Information
  • Phishing
  • User Execution
admin@338
Main techniques used
  • Account Discovery
  • Command and Scripting Interpreter
  • Exploitation for Client Execution
  • File and Directory Discovery
  • Masquerading
  • Permission Groups Discovery
  • Phishing
  • System Information Discovery
  • System Network Configuration Discovery
  • System Network Connections Discovery
  • System Service Discovery
  • User Execution
Cinnamon Tempest
Main techniques used
  • Command and Scripting Interpreter
  • Create or Modify System Process
  • Deobfuscate/Decode Files or Information
  • Domain or Tenant Policy Modification
  • Exfiltration Over Web Service
  • Exploit Public-Facing Application
  • Financial Theft
  • Hijack Execution Flow
  • Ingress Tool Transfer
  • Obtain Capabilities
  • Protocol Tunneling
  • Proxy
  • Remote Services
  • Taint Shared Content
  • Valid Accounts
  • Windows Management Instrumentation
