Domain | ID | Name | Use | |
---|---|---|---|---|
Enterprise | T1071 | .001 | Application Layer Protocol: Web Protocols | |
Enterprise | T1573 | .001 | Encrypted Channel: Symmetric Cryptography | |
Enterprise | T1069 | .001 | Permission Groups Discovery: Local Groups |
Sys10 collects the group name of the logged-in user and sends it to the C2.[1] |
Enterprise | T1082 | System Information Discovery |
Sys10 collects the computer name, OS versioning information, and OS install date and sends the information to the C2.[1] |
|
Enterprise | T1016 | System Network Configuration Discovery |
Sys10 collects the local IP address of the victim and sends it to the C2.[1] |
|
Enterprise | T1033 | System Owner/User Discovery |
Sys10 collects the account name of the logged-in user and sends it to the C2.[1] |