CavalierGPT: The First Comprehensive Infostealers AI Bot - Read More →

Created by: lindbergh

Date created: 2022-12-16

Last edited: 2023-01-24

Description: Heatmap of instances of ATT&CK techniques for Mars Stealer based on recent public CTI reporting (sources in notes for each technique).

Techniques (10)

  • Credentials from Web Browsers

    ID: T1555.003

    Tactics: Credential Access

    Description: https://blog.cyble.com/2022/08/02/fake-atomic-wallet-website-distributing-mars-stealer/

  • Exfiltration Over C2 Channel

    ID: T1041

    Tactics: Exfiltration

    Description: https://blog.cyble.com/2022/08/02/fake-atomic-wallet-website-distributing-mars-stealer/

  • Hide Artifacts

    ID: T1564

    Tactics: Defense Evasion

    Description: https://blog.cyble.com/2022/08/02/fake-atomic-wallet-website-distributing-mars-stealer/

  • Obfuscated Files or Information

    ID: T1027

    Tactics: Defense Evasion

    Description: https://blog.cyble.com/2022/08/02/fake-atomic-wallet-website-distributing-mars-stealer/

  • Phishing

    ID: T1566

    Tactics: Initial Access

    Description: https://blog.cyble.com/2022/08/02/fake-atomic-wallet-website-distributing-mars-stealer/

  • Steal Application Access Token

    ID: T1528

    Tactics: Credential Access

    Description: https://blog.cyble.com/2022/08/02/fake-atomic-wallet-website-distributing-mars-stealer/

  • Steal Web Session Cookie

    ID: T1539

    Tactics: Credential Access

    Description: https://blog.cyble.com/2022/08/02/fake-atomic-wallet-website-distributing-mars-stealer/

  • System Information Discovery

    ID: T1082

    Tactics: Discovery

    Description: https://blog.cyble.com/2022/08/02/fake-atomic-wallet-website-distributing-mars-stealer/

  • Unsecured Credentials

    ID: T1552

    Tactics: Credential Access

    Description: https://blog.cyble.com/2022/08/02/fake-atomic-wallet-website-distributing-mars-stealer/

  • User Execution

    ID: T1204

    Tactics: Execution

    Description: https://blog.cyble.com/2022/08/02/fake-atomic-wallet-website-distributing-mars-stealer/

infostealers-logo

BE THE FIRST TO KNOW

Get FREE access to Cavalier GPT

Stay informed with the latest insights in our Infostealers weekly report.

Receive a notification if your email is involved in an Infostealer infection.

No Spam, We Promise

BE THE FIRST TO KNOW

Get FREE access to Cavalier GPT

Stay informed with the latest insights in our Infostealers weekly report.

Receive a notification if your email is involved in an Infostealer infection.

No Spam, We Promise