EXPLORE
Sign In
← Back to Actors

Leafminer

LeafminerRaspite

[Leafminer](https://attack.mitre.org/groups/G0077) is an Iranian threat group that has targeted government organizations and business entities in the Middle East since at least early 2017. (Citation: Symantec Leafminer July 2018)

17
Techniques
16
Covered
1
Gaps
94%
Coverage
Coverage16/17

GAPS (1)

T1055.013Process Doppelgänging

COVERED (16)

T1003.001LSASS Memory105 det.T1003.004LSA Secrets16 det.T1003.005Cached Domain Credentials11 det.T1018Remote System Discovery46 det.T1027.010Command Obfuscation31 det.T1046Network Service Discovery49 det.T1059.007JavaScript58 det.T1083File and Directory Discovery48 det.T1110.003Password Spraying65 det.T1114.002Remote Email Collection18 det.T1136.001Local Account42 det.T1189Drive-by Compromise10 det.T1552.001Credentials In Files53 det.T1555Credentials from Password Stores38 det.T1555.003Credentials from Web Browsers15 det.T1588.002Tool13 det.