CavalierGPT: The First Comprehensive Infostealers AI Bot - Read More →

Created by: alon

Date created: 2023-01-24

Last edited: 2023-01-24

Description: Heatmap of instances of ATT&CK techniques for LummaC2 Stealer based on recent public CTI reporting (sources in Notes for each technique).

Techniques (10)

  • Application Layer Protocol

    ID: T1071

    Tactics: Command and Control

    Description: https://blog.cyble.com/2023/01/06/lummac2-stealer-a-potent-threat-to-crypto-users/

  • Automated Collection

    ID: T1119

    Tactics: Collection

    Description: https://blog.cyble.com/2023/01/06/lummac2-stealer-a-potent-threat-to-crypto-users/

  • Automated Exfiltration

    ID: T1020

    Tactics: Exfiltration

    Description: https://blog.cyble.com/2023/01/06/lummac2-stealer-a-potent-threat-to-crypto-users/

  • Credentials from Web Browsers

    ID: T1555.003

    Tactics: Credential Access

    Description: https://blog.cyble.com/2023/01/06/lummac2-stealer-a-potent-threat-to-crypto-users/

  • Data from Local System

    ID: T1005

    Tactics: Collection

    Description: https://blog.cyble.com/2023/01/06/lummac2-stealer-a-potent-threat-to-crypto-users/

  • Deobfuscate/Decode Files or Information

    ID: T1140

    Tactics: Defense Evasion

    Description: https://blog.cyble.com/2023/01/06/lummac2-stealer-a-potent-threat-to-crypto-users/

  • File and Directory Discovery

    ID: T1083

    Tactics: Discovery

    Description: https://blog.cyble.com/2023/01/06/lummac2-stealer-a-potent-threat-to-crypto-users/

  • Impair Defenses

    ID: T1562

    Tactics: Defense Evasion

    Description: https://blog.cyble.com/2023/01/06/lummac2-stealer-a-potent-threat-to-crypto-users/

  • Steal Web Session Cookie

    ID: T1539

    Tactics: Credential Access

    Description: https://blog.cyble.com/2023/01/06/lummac2-stealer-a-potent-threat-to-crypto-users/

  • System Information Discovery

    ID: T1082

    Tactics: Discovery

    Description: https://blog.cyble.com/2023/01/06/lummac2-stealer-a-potent-threat-to-crypto-users/

infostealers-logo

BE THE FIRST TO KNOW

Get FREE access to Cavalier GPT

Stay informed with the latest insights in our Infostealers weekly report.

Receive a notification if your email is involved in an Infostealer infection.

No Spam, We Promise

BE THE FIRST TO KNOW

Get FREE access to Cavalier GPT

Stay informed with the latest insights in our Infostealers weekly report.

Receive a notification if your email is involved in an Infostealer infection.

No Spam, We Promise