Rules of Engagement Executive Summary


APPENDIX E – Threat profile



Date: 10.07.2023
redteam ROE template



As part of the Red Team engagement, I♥REDTEAMS, INC will be replicating the TTPs associated with the group known as <>. This threat has been known to exploit and attack the systems and networks servicing the transactional records, customer order database, and XYZ of organizations similar to <>.

<>
Intent:

Characterization



  • Associated with the Russian Federation

  • Active over multiple years

  • Active primarily during Moscow business hours

  • Targeted organization based in the financial sector

  • Goal of gathering intelligence on financial based organizations

Attack and Delivery TTPs



  • Phishing

  • Watering-Hole

  • Compromised web servers

Exploitation TTPs


Post Exploitation TTPs


Persistence TTPs



  • Run key registry modifications

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"TmProvider"

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry
