Home >
Enterprise >
Participants >
Kaspersky >
System Information Discovery (T1082)
|
|
APT29 |
||||
Step | ATT&CK Pattern |
|
||
4.C.3
|
Tactic Discovery (TA0007) |
|
||
4.C.6
|
Tactic Discovery (TA0007) |
|
||
11.A.4
|
Tactic Discovery (TA0007) |
|
||
13.A.1
|
Tactic Discovery (TA0007) |
|
Procedure
Enumerated the computer hostname using PowerShell
Criteria
powershell.exe executing $env:COMPUTERNAME
Procedure
Enumerated the OS version using PowerShell
Criteria
powershell.exe executing Gwmi Win32_OperatingSystem