← Back to Actors
admin@338
admin@338
[admin@338](https://attack.mitre.org/groups/G0018) is a China-based cyber threat group. It has previously used newsworthy events as lures to deliver malware and has primarily targeted organizations involved in financial, economic, and trade policy, typically using publicly available RATs such as [PoisonIvy](https://attack.mitre.org/software/S0012), as well as some non-public backdoors. (Citation: FireEye admin@338)
12
Techniques
12
Covered
0
Gaps
100%
Coverage
Coverage12/12
COVERED (12)
T1007System Service Discovery11 det.T1016System Network Configuration Discovery35 det.T1036.005Match Legitimate Resource Name or Location44 det.T1049System Network Connections Discovery21 det.T1059.003Windows Command Shell79 det.T1069.001Local Groups35 det.T1082System Information Discovery80 det.T1083File and Directory Discovery48 det.T1087.001Local Account32 det.T1203Exploitation for Client Execution71 det.T1204.002Malicious File397 det.T1566.001Spearphishing Attachment850 det.