APT18
Aliases: TG-0416, Dynamite Panda, Threat Group-0416
APT18 is a threat group that has operated since at least 2009 and has targeted a range of industries, including technology, manufacturing, human rights groups, government, and medical.
Open interactive actor investigation
ATT&CK techniques
T1078
Valid AccountsT1027.013
Encrypted/Encoded FileT1133
External Remote ServicesT1070.004
File DeletionT1053.002
AtT1105
Ingress Tool TransferT1071.004
DNST1082
System Information DiscoveryT1071.001
Web ProtocolsT1083
File and Directory DiscoveryT1059.003
Windows Command ShellT1547.001
Registry Run Keys / Startup Folder
Valid AccountsT1027.013
Encrypted/Encoded FileT1133
External Remote ServicesT1070.004
File DeletionT1053.002
AtT1105
Ingress Tool TransferT1071.004
DNST1082
System Information DiscoveryT1071.001
Web ProtocolsT1083
File and Directory DiscoveryT1059.003
Windows Command ShellT1547.001
Registry Run Keys / Startup Folder