Home >
Enterprise >
Participants >
FireEye >
Remote Services: Remote Desktop Protocol (T1021.001)
|
|
See subtechnique results for:
Carbanak+FIN7 |
||||||
Step | ATT&CK Pattern |
|
||||
7.A.5
|
|
|||||
7.B.3
|
|
|||||
19.A.2
|
|
APT29 |
||
The subtechnique was not in scope. |
APT3 |
||||||||
Step | ATT&CK Pattern |
|
||||||
6.C.1
|
|
|||||||
10.B.1.2
|
|
|||||||
20.A.1.2
|
|
Procedure
RDP connection made to Conficker (10.0.0.5) as part of execution of persistence mechanism
Footnotes
- Managed Defense Reports are reports provided by FireEye's managed detection and response (MDR) service. FireEye provided reports to MITRE after the completion of the evaluation to mimic what they would produce in a real incident.


[2]


[3]


Procedure
RDP connection made to Creeper (10.0.0.4) as part of execution of persistence mechanism
Footnotes
- Managed Defense Reports are reports provided by FireEye's managed detection and response (MDR) service. FireEye provided reports to MITRE after the completion of the evaluation to mimic what they would produce in a real incident.


[2]

