Gorgon Group
Aliases: None listed
Gorgon Group is a threat group consisting of members who are suspected to be Pakistan-based or have other connections to Pakistan. The group has performed a mix of criminal and targeted attacks, including campaigns against government organizations in the United Kingdom, Spain, Russia, and the United States.
ATT&CK techniques
T1055.012 Process Hollowing
T1140 Deobfuscate/Decode Files or Information
T1106 Native API
T1547.001 Registry Run Keys / Startup Folder
T1059.001 PowerShell
T1059.003 Windows Command Shell
T1105 Ingress Tool Transfer
T1566.001 Spearphishing Attachment
T1564.003 Hidden Window
T1055.002 Portable Executable Injection
T1562.001 Disable or Modify Tools
T1112 Modify Registry
T1547.009 Shortcut Modification
T1204.002 Malicious File
T1588.002 Tool
T1059.005 Visual Basic