Conti

Every week, the Prelude team designs, builds and chains together TTPs. These chains, which mimic real-world cyberattacks, can be safely used to test your internal defenses. These chains are all usable in Prelude Operator.
Related Prelude themed chains

Conti Deploy Ransomware

2022-02-14

Platform: Windows
Deploy Conti ransomware to encrypt host files.

Conti Collect and Exfiltrate

2022-02-08

Platform: Windows
Automatically collect information and exfiltrate with rclone to a cloud service.

Conti Move To Remote System

2022-02-01

Platform: Windows
Perform lateral movement of Jambi agent to discovered AD targets.

Conti Privilege Escalation and Persistence

2022-01-25

Platform: Windows
Use PrintNightmare & ZeroLogon exploits to gain privileges and extract the krbtgt NTLM hash from a DC.

Conti Local and Remote Discovery

2022-01-18

Platform: Windows
Using the Jambi agent from the initial access chain, discover local services, Active Directory objects, and check the box for PrintNightmare.

Conti Recon And Initial Access

2022-01-10

Platform: Windows
Perform recon and initial access of target environment.

Conti (Discovery)

2021-09-21

Platform: Windows
Perform the initial discovery and credential access techniques used in the Conti ransomware playbook.