CopyKittens

OriginIrã

Techniques (MITRE ATT&CK)8

SourceMITRE ATT&CK

Vexday analysis

Grupo iraniano de ciberespionagem ativo desde pelo menos 2013, o CopyKittens (identificador MITRE ATT&CK G0052) tem como alvos documentados países como Israel, Arábia Saudita, Turquia, Estados Unidos, Jordânia e Alemanha. O grupo é responsável pela campanha conhecida como Operation Wilted Tulip. Sua atuação está mapeada em 8 técnicas na base MITRE ATT&CK.

Techniques (MITRE ATT&CK) 8

How the group operates, mapped to the MITRE ATT&CK matrix and organized by the phases of an attack.

Resource development

Tool

Execution

PowerShell

Collection

Archive via Utility Archive via Custom Method

Command and control

Proxy

defense-impairment

Code Signing

stealth

Rundll32 Hidden Window

Exploited vulnerabilities

No CVEs attributed to this group in public sources (MITRE ATT&CK). Absence of attribution does not mean absence of activity.

CopyKittens uses real techniques and exploits real flaws. TrueHacking's AI Autonomous Pentest simulates these attacks against your infrastructure and brings more security to your application.

Explore the AI Autonomous Pentest →