LuminousMoth

[LuminousMoth](https://attack.mitre.org/groups/G1014) is a Chinese-speaking cyber espionage group that has been active since at least October 2020. [LuminousMoth](https://attack.mitre.org/groups/G1014) has targeted high-profile organizations, including government entities, in Myanmar, the Philippines, Thailand, and other parts of Southeast Asia. Some security researchers have concluded there is a connection between [LuminousMoth](https://attack.mitre.org/groups/G1014) and [Mustang Panda](https://attack.mitre.org/groups/G0129) based on similar targeting and TTPs, as well as network infrastructu...

Techniques

Covered

Gaps

93%

Coverage

Coverage26/28

GAPS (2)

T1608.004Drive-by Target T1608.005Link Target

COVERED (26)

T1005Data from Local System46 det.T1030Data Transfer Size Limits6 det.T1033System Owner/User Discovery59 det.T1036.005Match Legitimate Resource Name or Location44 det.T1041Exfiltration Over C2 Channel30 det.T1053.005Scheduled Task82 det.T1071.001Web Protocols74 det.T1083File and Directory Discovery48 det.T1091Replication Through Removable Media8 det.T1105Ingress Tool Transfer170 det.T1112Modify Registry197 det.T1204.001Malicious Link9 det.T1539Steal Web Session Cookie12 det.T1547.001Registry Run Keys / Startup Folder50 det.T1553.002Code Signing3 det.T1557.002ARP Cache Poisoning3 det.T1560Archive Collected Data11 det.T1564.001Hidden Files and Directories23 det.T1566.002Spearphishing Link837 det.T1567.002Exfiltration to Cloud Storage27 det.T1574.001DLL106 det.T1587.001Malware9 det.T1588.001Malware2 det.T1588.002Tool13 det.T1588.004Digital Certificates1 det.T1608.001Upload Malware2 det.