← Back to Actors
Storm-0501
Storm-0501
[Storm-0501](https://attack.mitre.org/groups/G1053) is a financially motivated cyber criminal group that uses commodity and open-source tools to conduct ransomware operations. [Storm-0501](https://attack.mitre.org/groups/G1053) has been active since 2021 and has previously been affiliated with Sabbath Ransomware and other Ransomware-as-a-Service (RaaS) variants such as Hive, [BlackCat](https://attack.mitre.org/software/S1068), Hunters International, [LockBit 3.0](https://attack.mitre.org/software/S1202), and [Embargo](https://attack.mitre.org/software/S1247) ransomware.(Citation: Avertium Stor...
42
Techniques
41
Covered
1
Gaps
98%
Coverage
Coverage41/42
GAPS (1)
COVERED (41)
T1003OS Credential Dumping113 det.T1003.006DCSync16 det.T1021.006Windows Remote Management22 det.T1021.007Cloud Services12 det.T1027.002Software Packing2 det.T1036.004Masquerade Task or Service7 det.T1053.005Scheduled Task100 det.T1057Process Discovery21 det.T1059.001PowerShell372 det.T1059.009Cloud API6 det.T1078.004Cloud Accounts183 det.T1082System Information Discovery86 det.T1087.002Domain Account57 det.T1087.004Cloud Account22 det.T1098.001Additional Cloud Credentials26 det.T1098.003Additional Cloud Roles54 det.T1110Brute Force90 det.T1190Exploit Public-Facing Application227 det.T1218.010Regsvr3243 det.T1218.011Rundll3275 det.T1219.002Remote Desktop Software52 det.T1482Domain Trust Discovery41 det.T1484.001Group Policy Modification19 det.T1484.002Trust Modification14 det.T1485Data Destruction94 det.T1486Data Encrypted for Impact374 det.T1490Inhibit System Recovery62 det.T1518.001Security Software Discovery10 det.T1526Cloud Service Discovery32 det.T1530Data from Cloud Storage32 det.T1537Transfer Data to Cloud Account27 det.T1552.004Private Keys23 det.T1555.005Password Managers4 det.T1555.006Cloud Secrets Management Stores8 det.T1556.009Conditional Access Policies5 det.T1567.002Exfiltration to Cloud Storage31 det.T1578.003Delete Cloud Instance1 det.T1580Cloud Infrastructure Discovery26 det.T1587.003Digital Certificates1 det.T1614.001System Language Discovery2 det.T1657Financial Theft15 det.