T1569 - DPRK Threat Intelligence

#T1569 System Services

Technique

Tactics: Execution
Description:
Adversaries may abuse system services or daemons to execute commands or programs. Adversaries can execute malicious content by interacting with or creating services either locally or remotely. Many services are set to run at boot, which can aid in achieving persistence ([Create or Modify System Process](https://attack.mitre.org/techniques/T1543)), but adversaries can also abuse services for one-time or temporary execution.
First Seen: APT38 • 2019-01-29

MITRE ATT&CK

3

Tagged Reports
2

Unique Authors
2,394

Active Days

Tagged Reports

2025-08-18

Trellix

The Coordinated Embassy Hunt: Unmasking the DPRK-linked GitHub C2 Espionage Campaign

#Kimsuky #LNK #Phishing #XenoRAT #T1134 #T1102.002 #T1059.005 #T1106 #T1027 #T1568 #T1082 #T1566.001 #T1087.001 #T1567.002 #T1102.003 #T1053.005 #T1071.004 #T1204.002 #T1105 #T1071.001 #T1112 #T1083 #T1059.001 #T1569 #T1033 #T1036.005 #T1566.002 #T1569.002

2024-08-26

MITRE

Moonstone Sleet

#G1036 #MoonstoneSleet #T1589 #T1608 #T1587 #T1016 #T1027 #T1071 #T1082 #T1566 #T1591 #T1585 #T1140 #T1598 #T1583 #T1195 #T1105 #T1547 #T1053 #T1486 #T1569 #T1033 #T1204 #T1217 #T1003

2019-01-29

MITRE

APT38

#G0082 #APT38 #T1562 #T1543 #T1106 #T1027 #T1071 #T1057 #T1056 #T1082 #T1566 #T1529 #T1485 #T1135 #T1049 #T1218 #T1005 #T1518 #T1505 #T1561 #T1105 #T1588 #T1565 #T1115 #T1070 #T1112 #T1083 #T1053 #T1486 #T1189 #T1569 #T1033 #T1110 #T1204 #T1059 #T1217

« Back