Apt40

Every week, the Prelude team designs, builds and chains together TTPs. These chains, which mimic real-world cyberattacks, can be safely used to test your internal defenses. These chains are all usable in Prelude Operator.
Related Prelude themed chains
Release Date (Newest)
Filterfilter
Search for chains, TTPs, themes, and text

Browse By:

Platforms

  • All
  • Windows
  • Darwin
  • Linux
  • Global
  • Android

Tactics & Techniques

  • All
  • Resource Development
  • Initial Access
  • Defense Evasion
  • Command And Control
  • Discovery
  • Collection
  • Persistence
  • Credential Access
  • Privilege Escalation
  • Lateral Movement
  • Execution
  • Exfiltration
  • Impact

Tags

Licenses

APT40 Find and Exfiltrate

2022-05-10

/static/assets/linux-logo.svg/static/assets/apple-logo.svg/static/assets/windows-logo.svg
Find and exfiltrate files that potentially contain cleartext usernames or passwords based on filename.
APT40 educational institutions

2022-05-03

/static/assets/windows-logo.svg/static/assets/apple-logo.svg/static/assets/linux-logo.svg
Perform process injection and native API execution techniques.
Oasis

2022-04-26

/static/assets/windows-logo.svg/static/assets/apple-logo.svg/static/assets/linux-logo.svg
Based on APT40's initial access and password reuse techniques.
APT40 maritime industry

2022-04-19

/static/assets/windows-logo.svg
Emulating APT40's malware persistence techniques.
APT40 defense industry

2022-04-12

/static/assets/windows-logo.svg
Emulating APT40's multi-stage macro-enabled documents.