Leafminer

LeafminerRaspite

[Leafminer](https://attack.mitre.org/groups/G0077) is an Iranian threat group that has targeted government organizations and business entities in the Middle East since at least early 2017. (Citation: Symantec Leafminer July 2018)

Techniques

Covered

Gaps

100%

Coverage

Coverage17/17

COVERED (17)

T1003.001LSASS Memory111 det.T1003.004LSA Secrets18 det.T1003.005Cached Domain Credentials12 det.T1018Remote System Discovery50 det.T1027.010Command Obfuscation38 det.T1046Network Service Discovery51 det.T1055.013Process Doppelgänging1 det.T1059.007JavaScript61 det.T1083File and Directory Discovery48 det.T1110.003Password Spraying66 det.T1114.002Remote Email Collection18 det.T1136.001Local Account43 det.T1189Drive-by Compromise10 det.T1552.001Credentials In Files61 det.T1555Credentials from Password Stores40 det.T1555.003Credentials from Web Browsers16 det.T1588.002Tool13 det.