T1588.001

Malware

Adversaries may buy, steal, or download malware that can be used during targeting. Malicious software can include payloads, droppers, post-compromise tools, backdoors, packers, and C2 protocols. Adversaries may acquire malware to support their operations, obtaining a means for maintaining control of remote machines, evading defenses, and executing post-compromise behaviors. In addition to downloading free malware from the internet, adversaries may purchase these capabilities from third-party en...

PRE

Detections

Sources

Threat Actors

BY SOURCE

1elastic1sigma

PROCEDURES (1)

General Monitoring2 detections

Auto-extracted: 2 detections for general monitoring

THREAT ACTORS (15)

Andariel APT1 Aquatic Panda BackdoorDiplomacy Earth Lusca Ember Bear LAPSUS$LazyScripter LuminousMoth Metador Scattered Spider TA2541 TA505 Turla UNC3886

DETECTIONS (2)

Anomalous Linux Compiler Activity

elasticlow

Relevant ClamAV Message

sigmahigh