RTM

OriginRússia

Techniques (MITRE ATT&CK)7

SourceMITRE ATT&CK

Vexday analysis

Grupo criminoso de origem russa ativo pelo menos desde 2015, o RTM (identificador MITRE ATT&CK G0048) concentra suas operações em usuários de sistemas de banco remoto na Rússia e países vizinhos. O grupo utiliza um trojan homônimo como principal ferramenta de ataque. Seu perfil técnico conta com 7 técnicas documentadas na base MITRE ATT&CK.

Techniques (MITRE ATT&CK) 7

How the group operates, mapped to the MITRE ATT&CK matrix and organized by the phases of an attack.

Initial access

Drive-by Compromise Spearphishing Attachment

Execution

Malicious File

Persistence

Registry Run Keys / Startup Folder

Command and control

Dead Drop Resolver Remote Desktop Software

stealth

DLL

Exploited vulnerabilities

No CVEs attributed to this group in public sources (MITRE ATT&CK). Absence of attribution does not mean absence of activity.

RTM uses real techniques and exploits real flaws. TrueHacking's AI Autonomous Pentest simulates these attacks against your infrastructure and brings more security to your application.

Explore the AI Autonomous Pentest →