SOFTWARE
SOFTWARE
A-B
C-D
E-F
G-H
I-J
K-L
M-N
O-P
Q-R
S-T
U-V
W-X
RemoteCMD
RemoteCMD is a custom tool used by APT3 to execute commands on a remote system similar to SysInternal's PSEXEC functionality. [1]
ID: S0166
Type: MALWARE
Platforms: Windows
Version: 1.1
Created: 16 January 2018
Last Modified: 31 March 2020
Techniques Used
Domain | ID | Name | Use | |
---|---|---|---|---|
Enterprise | T1105 | Ingress Tool Transfer |
RemoteCMD copies a file over to the remote system before execution.[1] |
|
Enterprise | T1053 | .005 | Scheduled Task/Job: Scheduled Task |
RemoteCMD can execute commands remotely by creating a new schedule task on the remote system[1] |
Enterprise | T1569 | .002 | System Services: Service Execution |
RemoteCMD can execute commands remotely by creating a new service on the remote system.[1] |
Groups That Use This Software
ID | Name | References |
---|---|---|
G0022 | APT3 |
References
×