APT33 (aka Magnallium, HOLMIUM) · APT Atlas
APT33
APT · IR · Iran
AKA: Magnallium · HOLMIUM · Elfin · ATK35
CrowdStrike: REFINED KITTEN
Microsoft: Peach Sandstorm
Targets: 9
Sectors: 6
Threat types: 2
GIRs covered: 0/480
Active since: 2013
Victimology
Geographic footprint · 9 countries
origin · Iran
targeted countries · 9
ASIA · 4: United Arab Emirates · Japan · South Korea · Saudi Arabia
OCEANIA · 1: Australia
AMERICAS · 2: Canada · United States
EUROPE · 2: Switzerland · Netherlands
Sectors targeted · 6 of 40
Defense · 60 actors
Aerospace · 49 actors
Energy / Utilities · 49 actors
Oil and Gas · 19 actors
Industrials / Engineering · 23 actors
Private Sector (generic) · 28 actors
Tactics, techniques, procedures
Threat types + MITRE ATT&CK mapping
THREAT TYPES
ESP · Espionage
SUP · Supply Chain
MITRE ATT&CK · 24 techniques
Initial Access · 2
T1566.001 · Spearphishing Attachment
T1566.002 · Spearphishing Link

Execution · 5
T1053.005 · Scheduled Task
T1059.001 · PowerShell
T1059.005 · Visual Basic
T1203 · Exploitation for Client Execution
T1204.001 · Malicious Link

Persistence · 1
T1547.001 · Registry Run Keys / Startup Folder

Privilege Escalation · 1
T1068 · Exploitation for Privilege Escalation

Credential Access · 8
T1003.001 · LSASS Memory
T1003.004 · LSA Secrets
T1003.005 · Cached Domain Credentials
T1040 · Network Sniffing
T1552.001 · Credentials In Files
T1552.006 · Group Policy Preferences
T1555 · Credentials from Password Stores
T1555.003 · Credentials from Web Browsers

Collection · 1
T1560.001 · Archive via Utility

Exfiltration · 1
T1048.003 · Exfiltration Over Unencrypted Non-C2 Protocol

Command And Control · 3
T1071.001 · Web Protocols
T1105 · Ingress Tool Transfer
T1571 · Non-Standard Port

Stealth · 2
T1078 · Valid Accounts
T1078.004 · Cloud Accounts

GIR coverage
0 / 480 requirements satisfied
No GIRs mapped yet for this actor.

Related actors
By origin and actor type
APT2 · nation-state · China · 6 targets · since 2010
APT5 · nation-state · China · 15 targets · since 2007
APT8 · nation-state · China · 5 targets · since —
APT14 · nation-state · China · 15 targets · since —
APT17 · nation-state · China · 10 targets · since 2009
APT20 · nation-state · China · 14 targets · since 2011