Skip to content

Hide Navigation Hide TOC

PinchDuke - S0048 (ae9d818d-95d0-41da-b045-9cabea1ca164)

PinchDuke is malware that was used by APT29 from 2008 to 2010. (Citation: F-Secure The Dukes)

Cluster A Galaxy A Cluster B Galaxy B Level
System Information Discovery - T1082 (354a7f88-63fb-41b5-a801-ce3b377b36f1) Attack Pattern PinchDuke - S0048 (ae9d818d-95d0-41da-b045-9cabea1ca164) Malware 1
PinchDuke - S0048 (ae9d818d-95d0-41da-b045-9cabea1ca164) Malware Credentials from Password Stores - T1555 (3fc9b85a-2862-4363-a64d-d692e3ffbee0) Attack Pattern 1
Credentials from Web Browsers - T1555.003 (58a3e6aa-4453-4cc8-a51f-4befe80b31a8) Attack Pattern PinchDuke - S0048 (ae9d818d-95d0-41da-b045-9cabea1ca164) Malware 1
PinchDuke - S0048 (ae9d818d-95d0-41da-b045-9cabea1ca164) Malware File and Directory Discovery - T1083 (7bc57495-ea59-4380-be31-a64af124ef18) Attack Pattern 1
PinchDuke - S0048 (ae9d818d-95d0-41da-b045-9cabea1ca164) Malware Web Protocols - T1071.001 (df8b2a25-8bdf-4856-953c-a04372b1c161) Attack Pattern 1
Data from Local System - T1005 (3c4a2599-71ee-4405-ba1e-0e28414b4bc5) Attack Pattern PinchDuke - S0048 (ae9d818d-95d0-41da-b045-9cabea1ca164) Malware 1
PinchDuke - S0048 (ae9d818d-95d0-41da-b045-9cabea1ca164) Malware OS Credential Dumping - T1003 (0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22) Attack Pattern 1
Credentials from Web Browsers - T1555.003 (58a3e6aa-4453-4cc8-a51f-4befe80b31a8) Attack Pattern Credentials from Password Stores - T1555 (3fc9b85a-2862-4363-a64d-d692e3ffbee0) Attack Pattern 2
Application Layer Protocol - T1071 (355be19c-ffc9-46d5-8d50-d6a036c675b6) Attack Pattern Web Protocols - T1071.001 (df8b2a25-8bdf-4856-953c-a04372b1c161) Attack Pattern 2