Sidewinder
Sidewinder, T-APT-04, Rattlesnake
[Sidewinder](https://attack.mitre.org/groups/G0121) is a suspected Indian threat actor group that has been active since at least 2012. They have been observed targeting government, military, and business entities throughout Asia, primarily focusing on Pakistan, China, Nepal, and Afghanistan.(Citation: ATT Sidewinder January 2021)(Citation: Securelist APT Trends April 2018)(Citation: Cyble Sidewinder September 2020)
- Techniques: 30
- Covered: 30
- Gaps: 0
- Coverage: 100% (30/30)
COVERED (30)
- T1016 System Network Configuration Discovery: 35 det.
- T1020 Automated Exfiltration: 17 det.
- T1027.010 Command Obfuscation: 31 det.
- T1027.013 Encrypted/Encoded File: 7 det.
- T1033 System Owner/User Discovery: 59 det.
- T1036.005 Match Legitimate Resource Name or Location: 44 det.
- T1057 Process Discovery: 18 det.
- T1059.001 PowerShell: 338 det.
- T1059.005 Visual Basic: 66 det.
- T1059.007 JavaScript: 58 det.
- T1071.001 Web Protocols: 74 det.
- T1074.001 Local Data Staging: 10 det.
- T1082 System Information Discovery: 80 det.
- T1083 File and Directory Discovery: 48 det.
- T1105 Ingress Tool Transfer: 170 det.
- T1119 Automated Collection: 11 det.
- T1124 System Time Discovery: 4 det.
- T1203 Exploitation for Client Execution: 71 det.
- T1204.001 Malicious Link: 9 det.
- T1204.002 Malicious File: 397 det.
- T1218.005 Mshta: 46 det.
- T1518 Software Discovery: 15 det.
- T1518.001 Security Software Discovery: 8 det.
- T1547.001 Registry Run Keys / Startup Folder: 50 det.
- T1559.002 Dynamic Data Exchange: 1 det.
- T1566.001 Spearphishing Attachment: 850 det.
- T1566.002 Spearphishing Link: 837 det.
- T1574.001 DLL: 106 det.
- T1598.002 Spearphishing Attachment: 1 det.
- T1598.003 Spearphishing Link: 271 det.