A multinational technology company has been the target of several cyber attacks in the past few months. The attackers have been successful in stealing sensitive intellectual property and causing disruptions to the company's operations. A threat advisory report about similar attacks has been shared, and as a CTI analyst, your task is to identify the Tactics, Techniques, and Procedures (TTPs) being used by the threat group and gather as much information as possible about their identity and motive. For this task, you will utilise the OpenCTI platform as well as the MITRE ATT&CK Navigator.

APT X_USBFerry.pdf

Task 1.1:

What kind of phishing campaign does APT X use as part of their TTPs?

spear-phishing emails

Task 1.2:

What is the name of the malware used by APT X?

USBferry

Task 1.3:

What is the malware's STIX ID?

We can search for the malware in the OpenCTI Arsenal:

Task 1.4:

With the use of a USB, what technique did APT X use for initial access?

In the malware's Knowledge tab we can open the global kill chain view:
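The STIX ID asked for in Task 1.3 and the kill chain shown in Task 1.4 are both plain STIX 2.1 data underneath the OpenCTI UI: a STIX identifier is `<object-type>--<UUID>`, and the kill chain view is built from `uses` relationships between the malware and `attack-pattern` objects that carry `kill_chain_phases`. The following is an added example (not part of the original writeup, and not OpenCTI's own code) that validates STIX identifiers and walks a small, constructed STIX bundle the way the platform's export would be read offline. All UUIDs, the technique name and the external ID `T0000` are placeholders made up for this example, not the values from the report or the platform.

```python
import json
import re
import uuid

# Shape of a STIX 2.1 identifier: "<object-type>--<UUID>".
# Object types are 3-250 chars of lowercase letters, digits and hyphens.
STIX_ID_RE = re.compile(
    r"^(?P<type>[a-z][a-z0-9-]{1,248}[a-z0-9])--"
    r"(?P<uuid>[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})$"
)


def parse_stix_id(identifier):
    """Return (object_type, UUID) for a well-formed STIX 2.1 id, else raise ValueError."""
    m = STIX_ID_RE.match(identifier)
    if not m:
        raise ValueError(f"not a STIX 2.1 identifier: {identifier!r}")
    return m.group("type"), uuid.UUID(m.group("uuid"))


# Constructed sample bundle shaped like an OpenCTI STIX export.
# The UUIDs, the technique name and "T0000" are placeholders for this example only.
SAMPLE_BUNDLE = {
    "type": "bundle",
    "id": "bundle--aaaaaaaa-0000-4000-8000-000000000001",
    "objects": [
        {
            "type": "malware",
            "spec_version": "2.1",
            "id": "malware--aaaaaaaa-0000-4000-8000-000000000002",
            "name": "USBferry",
            "is_family": True,
        },
        {
            "type": "attack-pattern",
            "spec_version": "2.1",
            "id": "attack-pattern--aaaaaaaa-0000-4000-8000-000000000003",
            "name": "PLACEHOLDER technique name",
            # Kill chain phases are what OpenCTI's "global kill chain" view groups on.
            "kill_chain_phases": [
                {"kill_chain_name": "mitre-attack", "phase_name": "initial-access"}
            ],
            # ATT&CK technique IDs live in external_references, not in the STIX id.
            "external_references": [
                {"source_name": "mitre-attack", "external_id": "T0000"}
            ],
        },
        {
            "type": "relationship",
            "spec_version": "2.1",
            "id": "relationship--aaaaaaaa-0000-4000-8000-000000000004",
            "relationship_type": "uses",
            "source_ref": "malware--aaaaaaaa-0000-4000-8000-000000000002",
            "target_ref": "attack-pattern--aaaaaaaa-0000-4000-8000-000000000003",
        },
    ],
}


def find_object_id(bundle, object_type, name):
    """Look up an object's STIX id by type and (case-insensitive) name; None if absent."""
    for obj in bundle["objects"]:
        if obj.get("type") == object_type and obj.get("name", "").lower() == name.lower():
            parse_stix_id(obj["id"])  # fail loudly on a malformed export
            return obj["id"]
    return None


def kill_chain_for(bundle, source_id):
    """Follow 'uses' relationships from source_id to attack-patterns and collect
    (kill_chain_name, phase_name, technique_name, attack_external_id) tuples."""
    by_id = {o["id"]: o for o in bundle["objects"]}
    phases = []
    for rel in bundle["objects"]:
        if rel.get("type") != "relationship" or rel.get("relationship_type") != "uses":
            continue
        if rel.get("source_ref") != source_id:
            continue
        target = by_id.get(rel.get("target_ref"))
        if not target or target.get("type") != "attack-pattern":
            continue
        ext_ids = [
            r["external_id"]
            for r in target.get("external_references", [])
            if r.get("source_name") == "mitre-attack" and "external_id" in r
        ]
        for phase in target.get("kill_chain_phases", []):
            phases.append((phase["kill_chain_name"], phase["phase_name"],
                           target["name"], ext_ids[0] if ext_ids else None))
    return phases


if __name__ == "__main__":
    malware_id = find_object_id(SAMPLE_BUNDLE, "malware", "USBferry")
    print("STIX ID:", malware_id)
    print(json.dumps(kill_chain_for(SAMPLE_BUNDLE, malware_id), indent=2))
```

Run against a real OpenCTI export (Data > Export on the malware, or the bundle returned by the API), the same two functions recover the ID from Task 1.3 and the initial-access technique from Task 1.4 without the web UI; the point of checking the identifier's shape first is that a hand-copied or truncated ID is the most common reason a lookup against the platform silently returns nothing.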