← Back to Actors
Confucius
ConfuciusConfucius APT
[Confucius](https://attack.mitre.org/groups/G0142) is a cyber espionage group that has primarily targeted military personnel, high-profile personalities, business persons, and government organizations in South Asia since at least 2013. Security researchers have noted similarities between [Confucius](https://attack.mitre.org/groups/G0142) and [Patchwork](https://attack.mitre.org/groups/G0040), particularly in their respective custom malware code and targets.(Citation: TrendMicro Confucius APT Feb 2018)(Citation: TrendMicro Confucius APT Aug 2021)(Citation: Uptycs Confucius APT Jan 2021)
19
Techniques
18
Covered
1
Gaps
95%
Coverage
Coverage18/19
GAPS (1)
COVERED (18)
T1041Exfiltration Over C2 Channel32 det.T1053.005Scheduled Task100 det.T1059.001PowerShell372 det.T1059.005Visual Basic69 det.T1071.001Web Protocols81 det.T1083File and Directory Discovery48 det.T1105Ingress Tool Transfer184 det.T1119Automated Collection12 det.T1203Exploitation for Client Execution79 det.T1204.001Malicious Link11 det.T1204.002Malicious File441 det.T1218.005Mshta49 det.T1221Template Injection1 det.T1547.001Registry Run Keys / Startup Folder53 det.T1566.001Spearphishing Attachment979 det.T1566.002Spearphishing Link1005 det.T1567.002Exfiltration to Cloud Storage31 det.T1583.006Web Services1 det.