technique
https://attack.mitre.org/techniques/T1087/002
technique
https://citizenlab.ca/2015/12/packrat-report/
Scott-Railton, J., et al. (2015, December 8). Packrat. Retrieved December 18, 2020.
technique
https://www.fireeye.com/blog/threat-research/2012/12/council-foreign-relations-water-hole-attack-det
Kindlund, D. (2012, December 30). CFR Watering Hole Attack Details. Retrieved December 18, 2020.
technique
https://helgeklein.com/blog/2010/04/active-setup-explained/
Klein, H. (2010, April 22). Active Setup Explained. Retrieved December 18, 2020.
technique
https://digital-forensics.sans.org/summit-archives/2010/35-glyer-apt-persistence-mechanisms.pdf
Glyer, C. (2010). Examples of Recent APT Persitence Mechanism. Retrieved December 18, 2020.
technique
https://securelist.com/whos-really-spreading-through-the-bright-star/68978/
Baumgartner, K., Guerrero-Saade, J. (2015, March 4). Who’s Really Spreading through the Bright Star?. Retrieved December 18, 2020.
technique
https://technet.microsoft.com/en-us/sysinternals/bb963902
Russinovich, M. (2016, January 4). Autoruns for Windows v13.51. Retrieved June 6, 2016.
technique
https://attack.mitre.org/techniques/T1547/014
technique
https://unit42.paloaltonetworks.com/unit42-tropic-trooper-targets-taiwanese-government-and-fossil-fu
Ray, V., et al. (2016, November 22). Tropic Trooper Targets Taiwanese Government and Fossil Fuel Provider With Poison Ivy. Retrieved December 18, 2020.
technique
http://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Lab-Analysis-OSX-Pirrit-4-6-16.pdf
Amit Serper. (2016). Cybereason Lab Analysis OSX.Pirrit. Retrieved July 31, 2020.