APT1
Aliases: Comment Crew, Comment Group, Comment Panda
APT1 is a Chinese threat group that has been attributed to the 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department, commonly known by its Military Unit Cover Designator (MUCD) as Unit 61398.
ATT&CK techniques
T1003.001 LSASS Memory
T1057 Process Discovery
T1005 Data from Local System
T1550.002 Pass the Hash
T1583.001 Domains
T1560.001 Archive via Utility
T1119 Automated Collection
T1114.002 Remote Email Collection
T1566.002 Spearphishing Link
T1016 System Network Configuration Discovery
T1114.001 Local Email Collection
T1588.001 Malware
T1049 System Network Connections Discovery
T1585.002 Email Accounts
T1584.001 Domains
T1036.005 Match Legitimate Name or Location
T1087.001 Local Account
T1566.001 Spearphishing Attachment
T1135 Network Share Discovery
T1059.003 Windows Command Shell
T1588.002 Tool
T1007 System Service Discovery
T1021.001 Remote Desktop Protocol
T1059 Command and Scripting Interpreter