APT16 - G0023 (d6e88e18-81e8-4709-82d8-973095da1e70)

APT16 is a China-based threat group that has launched spearphishing campaigns targeting Japanese and Taiwanese organizations. (Citation: FireEye EPS Awakens Part 2)

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| ELMER - S0064 (3cab1b76-2f40-4cd0-8d2c-7ed16eeb909c) | Malware | APT16 - G0023 (d6e88e18-81e8-4709-82d8-973095da1e70) | Intrusion Set | 1 |
| Identify business relationships - T1272 (5b6ce031-bb86-407a-9984-2b9700ac4549) | Attack Pattern | APT16 - G0023 (d6e88e18-81e8-4709-82d8-973095da1e70) | Intrusion Set | 1 |
| Compromise 3rd party infrastructure to support delivery - T1334 (e51398e6-53dc-4e9f-a323-e54683d8672b) | Attack Pattern | APT16 - G0023 (d6e88e18-81e8-4709-82d8-973095da1e70) | Intrusion Set | 1 |
| Server - T1584.004 (e196b5c5-8118-4a1c-ab8a-936586ce3db5) | Attack Pattern | APT16 - G0023 (d6e88e18-81e8-4709-82d8-973095da1e70) | Intrusion Set | 1 |
| ELMER - S0064 (3cab1b76-2f40-4cd0-8d2c-7ed16eeb909c) | Malware | Web Protocols - T1071.001 (df8b2a25-8bdf-4856-953c-a04372b1c161) | Attack Pattern | 2 |
| ELMER - S0064 (3cab1b76-2f40-4cd0-8d2c-7ed16eeb909c) | Malware | Process Discovery - T1057 (8f4a33ec-8b1f-4b80-a2f6-642b2e479580) | Attack Pattern | 2 |
| ELMER - S0064 (3cab1b76-2f40-4cd0-8d2c-7ed16eeb909c) | Malware | File and Directory Discovery - T1083 (7bc57495-ea59-4380-be31-a64af124ef18) | Attack Pattern | 2 |
| Identify business relationships - T1283 (73e7d7d5-1782-4cd0-a4d7-00c7ec051c2a) | Attack Pattern | Identify business relationships - T1272 (5b6ce031-bb86-407a-9984-2b9700ac4549) | Attack Pattern | 2 |
| Compromise 3rd party infrastructure to support delivery - T1334 (e51398e6-53dc-4e9f-a323-e54683d8672b) | Attack Pattern | Compromise 3rd party infrastructure to support delivery - T1312 (4900fabf-1142-4c1f-92f5-0b590e049077) | Attack Pattern | 2 |
| Server - T1584.004 (e196b5c5-8118-4a1c-ab8a-936586ce3db5) | Attack Pattern | Compromise Infrastructure - T1584 (7e3beebd-8bfe-4e7b-a892-e44ab06a75f9) | Attack Pattern | 2 |
| Web Protocols - T1071.001 (df8b2a25-8bdf-4856-953c-a04372b1c161) | Attack Pattern | Application Layer Protocol - T1071 (355be19c-ffc9-46d5-8d50-d6a036c675b6) | Attack Pattern | 3 |