← Back to Actors
Sidewinder
SidewinderT-APT-04Rattlesnake
[Sidewinder](https://attack.mitre.org/groups/G0121) is a suspected Indian threat actor group that has been active since at least 2012. They have been observed targeting government, military, and business entities throughout Asia, primarily focusing on Pakistan, China, Nepal, and Afghanistan.(Citation: ATT Sidewinder January 2021)(Citation: Securelist APT Trends April 2018)(Citation: Cyble Sidewinder September 2020)
30
Techniques
30
Covered
0
Gaps
100%
Coverage
Coverage30/30
COVERED (30)
T1016System Network Configuration Discovery40 det.T1020Automated Exfiltration20 det.T1027.010Command Obfuscation38 det.T1027.013Encrypted/Encoded File8 det.T1033System Owner/User Discovery61 det.T1036.005Match Legitimate Resource Name or Location45 det.T1057Process Discovery21 det.T1059.001PowerShell372 det.T1059.005Visual Basic69 det.T1059.007JavaScript63 det.T1071.001Web Protocols81 det.T1074.001Local Data Staging10 det.T1082System Information Discovery86 det.T1083File and Directory Discovery48 det.T1105Ingress Tool Transfer184 det.T1119Automated Collection12 det.T1124System Time Discovery4 det.T1203Exploitation for Client Execution79 det.T1204.001Malicious Link11 det.T1204.002Malicious File441 det.T1218.005Mshta49 det.T1518Software Discovery17 det.T1518.001Security Software Discovery10 det.T1547.001Registry Run Keys / Startup Folder53 det.T1559.002Dynamic Data Exchange1 det.T1566.001Spearphishing Attachment979 det.T1566.002Spearphishing Link1005 det.T1574.001DLL111 det.T1598.002Spearphishing Attachment2 det.T1598.003Spearphishing Link312 det.