/
TA459_G0062.json
1 lines (1 loc) · 1.31 KB
/
TA459_G0062.json
1
{"description": "Enterprise techniques used by TA459, ATT&CK group G0062 v1.0", "name": "TA459 (G0062)", "domain": "mitre-enterprise", "version": "2.2", "techniques": [{"score": 1, "techniqueID": "T1193", "techniqueName": "Spearphishing Attachment", "comment": "[TA459](https://attack.mitre.org/groups/G0062) has targeted victims using spearphishing emails with malicious Microsoft Word attachments."}, {"score": 1, "techniqueID": "T1203", "techniqueName": "Exploitation for Client Execution", "comment": "[TA459](https://attack.mitre.org/groups/G0062) has exploited Microsoft Word vulnerability CVE-2017-0199 for execution."}, {"score": 1, "techniqueID": "T1204", "techniqueName": "User Execution", "comment": "[TA459](https://attack.mitre.org/groups/G0062) has attempted to get victims to open malicious Microsoft Word attachment sent via spearphishing."}, {"score": 1, "techniqueID": "T1064", "techniqueName": "Scripting", "comment": "[TA459](https://attack.mitre.org/groups/G0062) has a VBScript for execution."}, {"score": 1, "techniqueID": "T1086", "techniqueName": "PowerShell", "comment": "[TA459](https://attack.mitre.org/groups/G0062) has used PowerShell for execution of a payload."}], "gradient": {"colors": ["#ffffff", "#ff6666"], "minValue": 0, "maxValue": 1}, "legendItems": [{"label": "used by TA459", "color": "#ff6666"}]}