Pasam
ID: S0208
ⓘ
Type: MALWARE
ⓘ
Platforms: Windows
Version: 1.1
Created: 18 April 2018
Last Modified: 06 January 2021
Techniques Used
| Domain | ID | Name | Use | |
|---|---|---|---|---|
| Enterprise | T1005 | 从本地系统获取数据 |
Pasam creates a backdoor through which remote attackers can retrieve files.[2] |
|
| Enterprise | T1547 | .008 | 启动或登录自动启动执行: LSASS Driver |
Pasam establishes by infecting the Security Accounts Manager (SAM) DLL to load a malicious DLL dropped to disk.[2] |
| Enterprise | T1083 | 文件和目录发现 |
Pasam creates a backdoor through which remote attackers can retrieve lists of files.[2] |
|
| Enterprise | T1070 | .004 | 移除指标: File Deletion |
Pasam creates a backdoor through which remote attackers can delete files.[2] |
| Enterprise | T1082 | 系统信息发现 |
Pasam creates a backdoor through which remote attackers can retrieve information such as hostname and free disk space.[2] |
|
| Enterprise | T1105 | 输入工具传输 |
Pasam creates a backdoor through which remote attackers can upload files.[2] |
|
| Enterprise | T1057 | 进程发现 |
Pasam creates a backdoor through which remote attackers can retrieve lists of running processes.[2] |
|