← Back to Actors
APT19
APT19CodosoC0d0so0Codoso TeamSunshop Group
[APT19](https://attack.mitre.org/groups/G0073) is a Chinese-based threat group that has targeted a variety of industries, including defense, finance, energy, pharmaceutical, telecommunications, high tech, education, manufacturing, and legal services. In 2017, a phishing campaign was used to target seven law and investment firms. (Citation: FireEye APT19) Some analysts track [APT19](https://attack.mitre.org/groups/G0073) and [Deep Panda](https://attack.mitre.org/groups/G0009) as the same group, but it is unclear from open source information if the groups are the same. (Citation: ICIT China's Es...
21
Techniques
21
Covered
0
Gaps
100%
Coverage
Coverage21/21
COVERED (21)
T1016System Network Configuration Discovery39 det.T1027.010Command Obfuscation38 det.T1027.013Encrypted/Encoded File8 det.T1033System Owner/User Discovery61 det.T1059Command and Scripting Interpreter486 det.T1059.001PowerShell368 det.T1071.001Web Protocols80 det.T1082System Information Discovery86 det.T1112Modify Registry203 det.T1132.001Standard Encoding5 det.T1140Deobfuscate/Decode Files or Information58 det.T1189Drive-by Compromise10 det.T1204.002Malicious File425 det.T1218.010Regsvr3243 det.T1218.011Rundll3275 det.T1543.003Windows Service79 det.T1547.001Registry Run Keys / Startup Folder53 det.T1564.003Hidden Window11 det.T1566.001Spearphishing Attachment905 det.T1574.001DLL109 det.T1588.002Tool13 det.