← Back to Actors
admin@338
admin@338
[admin@338](https://attack.mitre.org/groups/G0018) is a China-based cyber threat group. It has previously used newsworthy events as lures to deliver malware and has primarily targeted organizations involved in financial, economic, and trade policy, typically using publicly available RATs such as [PoisonIvy](https://attack.mitre.org/software/S0012), as well as some non-public backdoors. (Citation: FireEye admin@338)
12
Techniques
12
Covered
0
Gaps
100%
Coverage
Coverage12/12
COVERED (12)
T1007System Service Discovery15 det.T1016System Network Configuration Discovery39 det.T1036.005Match Legitimate Resource Name or Location44 det.T1049System Network Connections Discovery22 det.T1059.003Windows Command Shell82 det.T1069.001Local Groups37 det.T1082System Information Discovery86 det.T1083File and Directory Discovery48 det.T1087.001Local Account33 det.T1203Exploitation for Client Execution75 det.T1204.002Malicious File425 det.T1566.001Spearphishing Attachment905 det.