← Back to Actors
APT19
APT19CodosoC0d0so0Codoso TeamSunshop Group
[APT19](https://attack.mitre.org/groups/G0073) is a Chinese-based threat group that has targeted a variety of industries, including defense, finance, energy, pharmaceutical, telecommunications, high tech, education, manufacturing, and legal services. In 2017, a phishing campaign was used to target seven law and investment firms. (Citation: FireEye APT19) Some analysts track [APT19](https://attack.mitre.org/groups/G0073) and [Deep Panda](https://attack.mitre.org/groups/G0009) as the same group, but it is unclear from open source information if the groups are the same. (Citation: ICIT China's Es...
21
Techniques
21
Covered
0
Gaps
100%
Coverage
Coverage21/21
COVERED (21)
T1016System Network Configuration Discovery35 det.T1027.010Command Obfuscation31 det.T1027.013Encrypted/Encoded File7 det.T1033System Owner/User Discovery59 det.T1059Command and Scripting Interpreter462 det.T1059.001PowerShell338 det.T1071.001Web Protocols74 det.T1082System Information Discovery80 det.T1112Modify Registry197 det.T1132.001Standard Encoding5 det.T1140Deobfuscate/Decode Files or Information55 det.T1189Drive-by Compromise10 det.T1204.002Malicious File397 det.T1218.010Regsvr3241 det.T1218.011Rundll3273 det.T1543.003Windows Service79 det.T1547.001Registry Run Keys / Startup Folder50 det.T1564.003Hidden Window11 det.T1566.001Spearphishing Attachment850 det.T1574.001DLL106 det.T1588.002Tool13 det.