Leafminer

OriginIrã

Techniques (MITRE ATT&CK)17

SourceMITRE ATT&CK

Also known as:Raspite

Vexday analysis

Leafminer (também conhecido como Raspite) é um grupo de ameaça persistente avançada de origem iraniana que tem como alvo organizações governamentais e entidades empresariais no Oriente Médio, com atividade documentada desde pelo menos o início de 2017. Registrado no MITRE ATT&CK como G0077, o grupo possui 17 técnicas documentadas na matriz.

Techniques (MITRE ATT&CK) 17

How the group operates, mapped to the MITRE ATT&CK matrix and organized by the phases of an attack.

Resource development

Initial access

Execution

Persistence

Credential access

LSASS Memory LSA Secrets Cached Domain Credentials Password Spraying Credentials In Files Credentials from Password Stores Credentials from Web Browsers

Discovery

Remote System Discovery Network Service Discovery File and Directory Discovery

Collection

Remote Email Collection

stealth

Command Obfuscation Process Doppelgänging

Exploited vulnerabilities

No CVEs attributed to this group in public sources (MITRE ATT&CK). Absence of attribution does not mean absence of activity.

Leafminer uses real techniques and exploits real flaws. TrueHacking's AI Autonomous Pentest simulates these attacks against your infrastructure and brings more security to your application.

Explore the AI Autonomous Pentest →