LazyScripter

Techniques (MITRE ATT&CK)20

SourceMITRE ATT&CK

Vexday analysis

LazyScripter é um grupo de ameaça persistente avançada (APT) rastreado pelo MITRE ATT&CK sob o identificador G0140, com atuação documentada no setor de aviação civil desde pelo menos 2018. O grupo tem como característica marcante o uso predominante de ferramentas de código aberto em suas operações. Ao todo, 20 técnicas ATT&CK foram documentadas em associação ao grupo.

Techniques (MITRE ATT&CK) 20

How the group operates, mapped to the MITRE ATT&CK matrix and organized by the phases of an attack.

Resource development

Domains Web Services Malware Upload Malware

Initial access

Spearphishing Attachment Spearphishing Link

Execution

PowerShell Windows Command Shell Visual Basic JavaScript Malicious Link Malicious File

Persistence

Registry Run Keys / Startup Folder

Command and control

DNS Web Service Ingress Tool Transfer

stealth

Command Obfuscation Masquerading Mshta Rundll32

Exploited vulnerabilities

No CVEs attributed to this group in public sources (MITRE ATT&CK). Absence of attribution does not mean absence of activity.

LazyScripter uses real techniques and exploits real flaws. TrueHacking's AI Autonomous Pentest simulates these attacks against your infrastructure and brings more security to your application.

Explore the AI Autonomous Pentest →