References

Type
Url
Description

technique

https://attack.mitre.org/techniques/T1087/002


technique

https://citizenlab.ca/2015/12/packrat-report/

Scott-Railton, J., et al. (2015, December 8). Packrat. Retrieved December 18, 2020.


technique

https://www.fireeye.com/blog/threat-research/2012/12/council-foreign-relations-water-hole-attack-det

Kindlund, D. (2012, December 30). CFR Watering Hole Attack Details. Retrieved December 18, 2020.


technique

https://helgeklein.com/blog/2010/04/active-setup-explained/

Klein, H. (2010, April 22). Active Setup Explained. Retrieved December 18, 2020.


technique

https://digital-forensics.sans.org/summit-archives/2010/35-glyer-apt-persistence-mechanisms.pdf

Glyer, C. (2010). Examples of Recent APT Persitence Mechanism. Retrieved December 18, 2020.


technique

https://securelist.com/whos-really-spreading-through-the-bright-star/68978/

Baumgartner, K., Guerrero-Saade, J. (2015, March 4). Who’s Really Spreading through the Bright Star?. Retrieved December 18, 2020.


technique

https://technet.microsoft.com/en-us/sysinternals/bb963902

Russinovich, M. (2016, January 4). Autoruns for Windows v13.51. Retrieved June 6, 2016.


technique

https://attack.mitre.org/techniques/T1547/014


technique

https://unit42.paloaltonetworks.com/unit42-tropic-trooper-targets-taiwanese-government-and-fossil-fu

Ray, V., et al. (2016, November 22). Tropic Trooper Targets Taiwanese Government and Fossil Fuel Provider With Poison Ivy. Retrieved December 18, 2020.


technique

http://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Lab-Analysis-OSX-Pirrit-4-6-16.pdf

Amit Serper. (2016). Cybereason Lab Analysis OSX.Pirrit. Retrieved July 31, 2020.