T1548 - DPRK Threat Intelligence

#T1548 Abuse Elevation Control Mechanism

Technique

Tactics: Privilege Escalation, Defense Evasion
Description:
Adversaries may circumvent mechanisms designed to control elevate privileges to gain higher-level permissions. Most modern systems contain native elevation control mechanisms that are intended to limit privileges that a user can perform on a machine. Authorization has to be granted to specific users in order to perform tasks that can be considered of higher risk.(Citation: TechNet How UAC Works)(Citation: sudo man page 2018) An adversary can perform several methods to take advantage of built-in control mechanisms in order to escalate privileges on a system.(Citation: OSX Keydnap malware)(Citation: Fortinet Fareit)
First Seen: APT37 • 2018-04-18

MITRE ATT&CK

5

Tagged Reports
5

Unique Authors
2,285

Active Days

Tagged Reports

2024-07-19

Cyfirma

APT Quarterly Highlights : Q2 2024

#Trend #Andariel #Kimsuky #MoonstoneSleet #Lazarus #T1562.001 #T1190 #T1068 #T1543.003 #T1056 #T1595.002 #T1059.003 #T1566 #T1485 #T1218.011 #T1069.002 #T1010 #T1571 #T1102.001 #T1583.001 #T1555.003 #T1033 #T1497.001 #T1203 #T1036 #T1012 #T1027 #T1583.003 #T1071 #T1562.004 #T1614 #T1027.005 #T1548 #T1552 #T1140 #T1005 #T1053.005 #T1564.001 #T1555 #T1129 #T1070.001 #T1046 #T1070 #T1095 #T1569.002 #T1562 #T1573 #T1047 #T1552.001 #T1057 #T1082 #T1518.001 #T1176 #T1090 #T1518 #T1539 #T1041 #T1564 #T1560 #T1202 #T1071.001 #T1547 #T1112 #T1497 #T1059.001 #T1124 #T1056.001 #T1222 #T1070.006 #T1059 #T1564.003 #T1222.001 #T1056.004 #T1547.001 #T1584 #T1087.002 #T1070.004 #T1505.003 #T1113 #T1608.005 #T1204.002 #T1087 #T1574.002 #T1115 #T1083 #T1490 #T1053 #T1486 #T1566.002 #T1133 #T1021.004 #T1003

2024-03-21

Secu I

"북한지 기고문"을 위장하여 유포된 LNK 악성코드

#APT37 #RokRAT #LNK #T1573 #T1203 #T1036 #T1012 #T1106 #T1027 #T1564.003 #T1071 #T1057 #T1082 #T1485 #T1027.004 #T1548 #T1564.001 #T1564 #T1560 #T1202 #T1070 #T1497 #T1059.001 #T1033 #T1059 #T1003

2022-04-29

PWC

Cyber Threats 2021: A Year in Retrospect

#Trend #BlackBanshee #BlackAlicanto #T1589 #T1069 #T1190 #T1608 #T1036 #T1573 #T1036.007 #T1059.005 #T1068 #T1027 #T1570 #T1595 #T1048 #T1592 #T1615 #T1071 #T1482 #T1057 #T1082 #T1056 #T1059.003 #T1221 #T1566.001 #T1566 #T1074.001 #T1614.001 #T1016.001 #T1591 #T1548 #T1090 #T1547.001 #T1620 #T1049 #T1021 #T1135 #T1005 #T1078 #T1204.001 #T1070.004 #T1053.005 #T1041 #T1113 #T1132.001 #T1555 #T1560 #T1204.002 #T1105 #T1071.001 #T1039 #T1132 #T1547 #T1112 #T1070 #T1087 #T1083 #T1486 #T1124 #T1033 #T1210 #T1110 #T1095 #T1204 #T1059 #T1003

2021-02-17

USCISA

AppleJeus: Analysis of North Korea’s Cryptocurrency Malware

#Cryptocurrency #AppleJeus #T1573 #T1059.002 #T1588.004 #T1059.004 #T1027 #T1583.006 #T1543.003 #T1053.004 #T1548 #T1573.001 #T1587.001 #T1041 #T1564.001 #T1053.005 #T1588.003 #T1204.002 #T1071.001 #T1543.004 #T1547 #T1583.001 #T1033 #T1566.002 #T1059

2018-04-18

MITRE

APT37

#APT37 #G0067 #T1203 #T1036 #T1123 #T1106 #T1027 #T1102 #T1071 #T1057 #T1082 #T1566 #T1529 #T1120 #T1548 #T1005 #T1559 #T1561 #T1555 #T1105 #T1055 #T1547 #T1053 #T1189 #T1033 #T1204 #T1059

« Back