References

| Type | Url | Description |
| --- | --- | --- |
| technique | https://attack.mitre.org/techniques/T1213/002 | |
| technique | https://github.com/PowerShellMafia/PowerSploit/blob/master/Exfiltration/Invoke-NinjaCopy.ps1 | Bialek, J. (2015, December 16). Invoke-NinjaCopy.ps1. Retrieved June 2, 2016. |
| technique | http://www.codeproject.com/Articles/32169/FDump-Dumping-File-Sectors-Directly-from-Disk-usin | Hakobyan, A. (2009, January 8). FDump - Dumping File Sectors Directly from Disk using Logical Offsets. Retrieved November 12, 2014. |
| technique | https://attack.mitre.org/techniques/T1006 | |
| technique | https://www.mozilla.org/en-US/security/advisories/mfsa2012-98/ | Kugler, R. (2012, November 20). Mozilla Foundation Security Advisory 2012-98. Retrieved March 10, 2017. |
| technique | http://seclists.org/fulldisclosure/2015/Dec/34 | Kanthak, S. (2015, December 8). Executable installers are vulnerable^WEVIL (case 7): 7z*.exe allows remote code execution with escalation of privilege. Retrieved March 10, 2017. |
| technique | https://capec.mitre.org/data/definitions/17.html | |
| technique | https://attack.mitre.org/techniques/T1044 | |
| technique | https://torrentfreak.com/anonymous-hackers-deface-russian-govt-site-to-protest-web-blocking-nsfw-180 | Andy. (2018, May 12). ‘Anonymous’ Hackers Deface Russian Govt. Site to Protest Web-Blocking (NSFW). Retrieved April 19, 2019. |
| technique | https://www.fireeye.com/content/dam/fireeye-www/current-threats/pdfs/ib-entertainment.pdf | FireEye. (n.d.). Retrieved April 19, 2019. |