← Back to Actors
ZIRCONIUM
ZIRCONIUMAPT31Violet Typhoon
[ZIRCONIUM](https://attack.mitre.org/groups/G0128) is a threat group operating out of China, active since at least 2017, that has targeted individuals associated with the 2020 US presidential election and prominent leaders in the international affairs community.(Citation: Microsoft Targeting Elections September 2020)(Citation: Check Point APT31 February 2021)
29
Techniques
26
Covered
3
Gaps
90%
Coverage
Coverage26/29
COVERED (26)
T1012Query Registry25 det.T1016System Network Configuration Discovery40 det.T1027.002Software Packing2 det.T1033System Owner/User Discovery61 det.T1036Masquerading572 det.T1036.004Masquerade Task or Service7 det.T1041Exfiltration Over C2 Channel32 det.T1059.003Windows Command Shell83 det.T1059.006Python51 det.T1068Exploitation for Privilege Escalation99 det.T1082System Information Discovery86 det.T1090.003Multi-hop Proxy9 det.T1102.002Bidirectional Communication16 det.T1105Ingress Tool Transfer184 det.T1124System Time Discovery4 det.T1140Deobfuscate/Decode Files or Information58 det.T1204.001Malicious Link11 det.T1218.007Msiexec33 det.T1547.001Registry Run Keys / Startup Folder53 det.T1555.003Credentials from Web Browsers16 det.T1566.002Spearphishing Link1005 det.T1567.002Exfiltration to Cloud Storage31 det.T1583.001Domains62 det.T1583.006Web Services1 det.T1598Phishing for Information1002 det.T1598.003Spearphishing Link312 det.