Home >
Enterprise >
Participants >
FireEye >
Lateral Tool Transfer (T1570)
|
|
Carbanak+FIN7 |
||||||
Step | ATT&CK Pattern |
|
||||
5.A.9
![]() |
Tactic Lateral Movement (TA0008) |
|
||||
5.A.10
![]() |
Tactic Lateral Movement (TA0008) |
|
||||
5.A.11
![]() |
Tactic Lateral Movement (TA0008) |
|
||||
5.C.4
|
Tactic Lateral Movement (TA0008) |
|
APT29 |
||||||
Step | ATT&CK Pattern |
|
||||
16.D.1
|
Tactic Lateral Movement (TA0008) |
|
APT3 |
||||||
Step | ATT&CK Pattern |
|
||||
16.G.1
|
Tactic Lateral Movement (TA0008) |
|
Procedure
Empire: Built-in move capability executed to write malicious VBScript (update.vbs) to disk on Creeper (10.0.0.4)
Footnotes
- Managed Defense Reports are reports provided by FireEye's managed detection and response (MDR) service. FireEye provided reports to MITRE after the completion of the evaluation to mimic what they would produce in a real incident.


[2]

