← Back to Actors
SideCopy
SideCopy
[SideCopy](https://attack.mitre.org/groups/G1008) is a Pakistani threat group that has primarily targeted South Asian countries, including Indian and Afghani government personnel, since at least 2019. [SideCopy](https://attack.mitre.org/groups/G1008)'s name comes from its infection chain that tries to mimic that of [Sidewinder](https://attack.mitre.org/groups/G0121), a suspected Indian threat group.(Citation: MalwareBytes SideCopy Dec 2021)
16
Techniques
15
Covered
1
Gaps
94%
Coverage
Coverage15/16
GAPS (1)
COVERED (15)
T1016System Network Configuration Discovery40 det.T1036.005Match Legitimate Resource Name or Location45 det.T1059.005Visual Basic69 det.T1082System Information Discovery86 det.T1105Ingress Tool Transfer184 det.T1106Native API29 det.T1204.002Malicious File441 det.T1218.005Mshta49 det.T1518Software Discovery17 det.T1518.001Security Software Discovery10 det.T1566.001Spearphishing Attachment979 det.T1574.001DLL111 det.T1584.001Domains3 det.T1598.002Spearphishing Attachment2 det.T1608.001Upload Malware3 det.