G0023 APT16
APT16 is a China-based threat group that has launched spearphishing campaigns targeting Japanese and Taiwanese organizations. 1
| Item | Value |
|---|---|
| ID | G0023 |
| Associated Names | |
| Version | 1.1 |
| Created | 31 May 2017 |
| Last Modified | 26 July 2022 |
| Navigation Layer | View In ATT&CK® Navigator |
Techniques Used
| Domain | ID | Name | Use |
|---|---|---|---|
| enterprise | T1584 | Compromise Infrastructure | - |
| enterprise | T1584.004 | Server | APT16 has compromised otherwise legitimate sites as staging servers for second-stage payloads.1 |
Software
| ID | Name | References | Techniques |
|---|---|---|---|
| S0064 | ELMER | 1 | Web Protocols:Application Layer Protocol File and Directory Discovery Process Discovery |